VYPR

PyPI package

xmpp-http-upload

pkg:pypi/xmpp-http-upload

Vulnerabilities (1)

  • CVE-2020-15239LowOct 6, 2020
    affected < 0.4.0fixed 0.4.0

    In xmpp-http-upload before version 0.4.0, when the GET method is attacked, attackers can read files which have a `.data` suffix and which are accompanied by a JSON file with the `.meta` suffix. This can lead to Information Disclosure and in some shared-hosting scenarios also to c