Tr3Jer

**Name of the Vulnerable Software and Affected Versions** Contentful versions prior to 2020-05-21 **Description** The issue allows reflected XSS, as demonstrated by the `api` parameter to the `/the-example-app.py` endpoint. **Recommendations** For versions prior to 2020-05-21, update to a version released after 2020-05-21 to resolve the issue. As a temporary workaround, consider restricting access to the `api` parameter in the affected endpoint until a patch is available.