EPSS
Percentile
42.8%
django_user_sessions is vulnerable to information disclosure. The vulnerability exists as the session key could be extracted from session_list.html through an XSS exploit.
session_list.html
github.com/advisories/GHSA-5fq8-3q2f-4m5g
github.com/Bouke/django-user-sessions/security/advisories/GHSA-5fq8-3q2f-4m5g
github.com/jazzband/django-user-sessions/commit/f0c4077e7d1436ba6d721af85cee89222ca5d2d9