You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Learn more on MITRE.
Impact
Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server.
Patches
Users should upgrade to version 3.20.0.
Workarounds
There are no workarounds for versions < 3.20.0