Calumhutton

**Name of the Vulnerable Software and Affected Versions** Jinja2 (affected versions not specified) **Description** Jinja is an extensible templating engine that allows writing code similar to Python syntax. The Jinja `xmlattr` filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to Cross-Site Scripting (XSS). It may also be possible to bypass attribute validation checks if they are blacklist-based. The `xmlattr` filter in affected versions of Jinja accepts keys containing spaces, which can be used to inject other attributes and perform XSS. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vue.js Devtools extension (affected versions not specified) **Description** The Vue.js Devtools extension leaks screenshot data back to a malicious web page via the standard `postMessage()` API. This occurs when a malicious web page with an iFrame targeting a sensitive resource, such as a locally accessible file or sensitive website, registers a listener on the web page. The extension then sends messages back to the listener, containing the base64 encoded screenshot data of the sensitive resource. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** React Developer Tools extension (affected versions not specified) **Description** The React Developer Tools extension has a message listener registered with `window.addEventListener('message', <listener>)` in a content script accessible to any active webpage in the browser. This listener contains code that requests a URL derived from the received message via `fetch()`. The URL is not validated or sanitized before it is fetched, allowing a malicious webpage to arbitrarily fetch URLs via the victim's browser. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.