CVE-2026-3962

Name of the Vulnerable Software and Affected Versions Jcharis Machine-Learning-Web-Apps versions prior to a6996b634d98ccec4701ac8934016e8175b60eb5

Description A security issue exists in Jcharis Machine-Learning-Web-Apps. The render template function within the Jinja2 Template Handler component, located in the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py, is susceptible to cross site scripting. This manipulation can be exploited remotely. The exploit is publicly available. The product utilizes a rolling release model, meaning specific version details for affected and updated releases are unavailable. The project was notified of the issue but has not yet responded.

Recommendations Versions prior to a6996b634d98ccec4701ac8934016e8175b60eb5: At the moment, there is no information about a newer version that contains a fix for this vulnerability.