in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can inject arbitrary JavaScript code inside the application, and possibly steal a user’s sensitive information.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| sickrage(PyPI) | 4.2.0 | 10.0.11.dev2 | N/A |
CVSS Metrics
