CVE-2026-3041
Published
CVSS v3: 2.4 LOW
CVSS v2: 3.3 LOW
Affected: 1 PROJECT
Description
A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. It affects an unknown function of the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html in the Article Sidebar Module component. Manipulating the argument sidebar.content leads to cross-site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be used. The project was informed of the problem early through an issue report but has not responded yet.
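baykeShop (拜客商城系统, the Bayke shop system) is a fully open-source e-commerce system built on a Python stack. The backend relies on the Django framework. The project combines Django's traditional template system with a light use of front-end/back-end separation, choosing different technology stacks for different scenarios, which gives it more value for learning and research. It is packaged as a Python package, which makes secondary development and integration into your own project simpler, and it is an ideal choice for Python Django beginners getting started with development.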