Moderate severityNVD Advisory· Published Oct 7, 2021· Updated Aug 4, 2024
CVE-2021-42053
CVE-2021-42053
Description
The Unicorn framework through 0.35.3 for Django allows XSS via component.name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
django-unicornPyPI | < 0.36.0 | 0.36.0 |
Affected products
2- Unicorn framework/Unicorn framework for Djangodescription
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
8- github.com/advisories/GHSA-c87f-fq5g-63r2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-42053ghsaADVISORY
- packetstormsecurity.com/files/164442/django-unicorn-0.35.3-Cross-Site-Scripting.htmlghsax_refsource_MISCWEB
- github.com/adamghill/django-unicorn/commit/aa5b9835d946bd9893ef02e556859e3ea62cc5e2ghsaWEB
- github.com/adamghill/django-unicorn/compare/0.35.3...0.36.0ghsax_refsource_MISCWEB
- github.com/adamghill/django-unicorn/pull/288ghsaWEB
- github.com/adamghill/django-unicorn/pull/288/filesmitrex_refsource_MISC
- github.com/pypa/advisory-database/tree/main/vulns/django-unicorn/PYSEC-2021-357.yamlghsaWEB
News mentions
0No linked articles in our index yet.