[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-41810":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":67,"aliases":68,"duplicate_of":9,"upstream":71,"downstream":72,"duplicates":97,"related":98,"reserved_at":9,"published_at":105,"modified_at":106,"state":107,"summary":108,"references_raw":117,"kevs":152,"epss":153,"epss_history":156,"metrics":393,"affected":403},"CVE-2024-41810","Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. This vulnerability is fixed in 24.7.0rc1.",null,[11,44],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],{"_key":45,"id":45,"name":46,"description":47,"type":15,"status":48,"abstraction":49,"likelihood_of_exploit":18,"capec":50},"CWE-80","Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)","The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as \"\u003C\", \">\", and \"&\" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.","Incomplete","Variant",[51,55,59,63],{"id":52,"name":53,"techniques":54},"CAPEC-18","XSS Targeting Non-Script Elements",[],{"id":56,"name":57,"techniques":58},"CAPEC-193","PHP Remote File Inclusion",[],{"id":60,"name":61,"techniques":62},"CAPEC-32","XSS Through HTTP Query Strings",[],{"id":64,"name":65,"techniques":66},"CAPEC-86","XSS Through HTTP Headers",[],[],[69,70],"GHSA-cf56-g6w6-pqq2","PYSEC-2024-75",[],[73,75,77,79,81,83,85,87,89,91,93,95],{"_key":74},"SUSE-SU-2024:2860-1",{"_key":76},"SUSE-SU-2024:2732-1",{"_key":78},"SUSE-SU-2024:2757-1",{"_key":80},"UBUNTU-CVE-2024-41810",{"_key":82},"SUSE-SU-2024:2880-1",{"_key":84},"OPENSUSE-SU-2024:14236-1",{"_key":86},"DLA-3970-1",{"_key":88},"DSA-5797-1",{"_key":90},"MGASA-2025-0054",{"_key":92},"DEBIAN-CVE-2024-41810",{"_key":94},"USN-6988-1",{"_key":96},"RHSA-2024:7312",[],[99,100,101,102,103,104],{"_key":74},{"_key":76},{"_key":78},{"_key":82},{"_key":84},{"_key":90},"2024-07-29T15:41:40.289Z","2025-11-03T22:01:01.094Z","Modified",{"cisa_kev":109,"cisa_ransomware":109,"cisa_vendor":9,"epss_severity":110,"epss_score":111,"severity":112,"severity_score":113,"severity_version":114,"severity_source":115,"severity_vector":116,"severity_status":107},false,"critical",0.67844,"medium",6.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[118,128,135,139,143,147],{"url":119,"sources":120,"tags":123},"https://github.com/twisted/twisted/security/advisories/GHSA-cf56-g6w6-pqq2",[115,121,122],"nvd","osv_pypi",[124,125,126,127],"X Refsource CONFIRM","Vendor Advisory","WEB","Advisory",{"url":129,"sources":130,"tags":131},"https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33",[115,121,122],[132,133,126,134],"X Refsource MISC","Patch","FIX",{"url":136,"sources":137,"tags":138},"https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html",[115,121,122],[126],{"url":140,"sources":141,"tags":142},"https://nvd.nist.gov/vuln/detail/CVE-2024-41810",[122],[127],{"url":144,"sources":145,"tags":146},"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2024-75.yaml",[122],[126],{"url":148,"sources":149,"tags":150},"https://github.com/twisted/twisted",[122],[151],"PACKAGE",[],{"date":154,"score":111,"percentile":155},"2026-06-04",0.98602,[157,161,165,168,170,173,175,177,180,182,185,187,189,191,193,197,200,203,206,210,213,216,219,221,223,225,228,231,234,237,241,244,247,249,252,254,256,259,262,265,267,269,271,273,276,280,282,284,287,289,291,295,298,300,303,306,308,310,313,316,319,321,324,326,329,332,334,337,340,342,344,346,348,350,352,355,358,361,363,366,368,370,372,374,377,380,383,385,388,390],{"date":158,"score":159,"percentile":160},"2025-11-04",0.66868,0.98469,{"date":162,"score":163,"percentile":164},"2025-11-05",0.64732,0.98369,{"date":166,"score":163,"percentile":167},"2025-11-06",0.9837,{"date":169,"score":163,"percentile":164},"2025-11-07",{"date":171,"score":163,"percentile":172},"2025-11-08",0.98368,{"date":174,"score":163,"percentile":164},"2025-11-09",{"date":176,"score":163,"percentile":172},"2025-11-10",{"date":178,"score":163,"percentile":179},"2025-11-11",0.98367,{"date":181,"score":163,"percentile":167},"2025-11-12",{"date":183,"score":163,"percentile":184},"2025-11-13",0.98371,{"date":186,"score":163,"percentile":184},"2025-11-14",{"date":188,"score":163,"percentile":172},"2025-11-15",{"date":190,"score":163,"percentile":164},"2025-11-16",{"date":192,"score":163,"percentile":164},"2025-11-17",{"date":194,"score":195,"percentile":196},"2025-11-18",0.29728,0.96357,{"date":198,"score":195,"percentile":199},"2025-11-19",0.96358,{"date":201,"score":195,"percentile":202},"2025-11-20",0.9636,{"date":204,"score":163,"percentile":205},"2025-11-21",0.98366,{"date":207,"score":208,"percentile":209},"2025-11-22",0.67939,0.98505,{"date":211,"score":208,"percentile":212},"2025-11-23",0.98503,{"date":214,"score":208,"percentile":215},"2025-11-24",0.98502,{"date":217,"score":208,"percentile":218},"2025-11-25",0.98504,{"date":220,"score":208,"percentile":218},"2025-11-26",{"date":222,"score":208,"percentile":218},"2025-11-27",{"date":224,"score":208,"percentile":209},"2025-11-28",{"date":226,"score":208,"percentile":227},"2025-11-29",0.98507,{"date":229,"score":208,"percentile":230},"2025-11-30",0.98506,{"date":232,"score":208,"percentile":233},"2025-12-01",0.98521,{"date":235,"score":208,"percentile":236},"2025-12-02",0.98522,{"date":238,"score":239,"percentile":240},"2025-12-03",0.62879,0.98307,{"date":242,"score":239,"percentile":243},"2025-12-04",0.98288,{"date":245,"score":239,"percentile":246},"2025-12-05",0.98287,{"date":248,"score":239,"percentile":243},"2025-12-06",{"date":250,"score":239,"percentile":251},"2025-12-07",0.98289,{"date":253,"score":239,"percentile":251},"2025-12-08",{"date":255,"score":239,"percentile":251},"2025-12-09",{"date":257,"score":239,"percentile":258},"2025-12-10",0.98292,{"date":260,"score":239,"percentile":261},"2025-12-11",0.98295,{"date":263,"score":239,"percentile":264},"2025-12-12",0.98297,{"date":266,"score":239,"percentile":264},"2025-12-13",{"date":268,"score":239,"percentile":264},"2025-12-14",{"date":270,"score":239,"percentile":264},"2025-12-15",{"date":272,"score":239,"percentile":264},"2025-12-16",{"date":274,"score":239,"percentile":275},"2025-12-17",0.98299,{"date":277,"score":278,"percentile":279},"2025-12-18",0.68165,0.98525,{"date":281,"score":278,"percentile":279},"2025-12-19",{"date":283,"score":278,"percentile":279},"2025-12-20",{"date":285,"score":278,"percentile":286},"2025-12-21",0.98526,{"date":288,"score":278,"percentile":286},"2025-12-22",{"date":290,"score":278,"percentile":286},"2025-12-23",{"date":292,"score":293,"percentile":294},"2025-12-24",0.66799,0.98471,{"date":296,"score":278,"percentile":297},"2025-12-25",0.98529,{"date":299,"score":278,"percentile":297},"2025-12-26",{"date":301,"score":278,"percentile":302},"2025-12-27",0.98544,{"date":304,"score":278,"percentile":305},"2025-12-28",0.9853,{"date":307,"score":278,"percentile":305},"2025-12-29",{"date":309,"score":278,"percentile":305},"2025-12-30",{"date":311,"score":278,"percentile":312},"2025-12-31",0.98531,{"date":314,"score":278,"percentile":315},"2026-01-01",0.98546,{"date":317,"score":278,"percentile":318},"2026-01-02",0.98545,{"date":320,"score":278,"percentile":318},"2026-01-03",{"date":322,"score":278,"percentile":323},"2026-01-04",0.98532,{"date":325,"score":278,"percentile":323},"2026-01-05",{"date":327,"score":278,"percentile":328},"2026-01-06",0.98533,{"date":330,"score":278,"percentile":331},"2026-01-07",0.98534,{"date":333,"score":278,"percentile":331},"2026-01-08",{"date":335,"score":278,"percentile":336},"2026-01-09",0.98535,{"date":338,"score":278,"percentile":339},"2026-01-10",0.98536,{"date":341,"score":278,"percentile":339},"2026-01-11",{"date":343,"score":278,"percentile":336},"2026-01-12",{"date":345,"score":278,"percentile":331},"2026-01-13",{"date":347,"score":278,"percentile":336},"2026-01-14",{"date":349,"score":278,"percentile":339},"2026-01-15",{"date":351,"score":278,"percentile":339},"2026-01-16",{"date":353,"score":278,"percentile":354},"2026-01-17",0.98538,{"date":356,"score":278,"percentile":357},"2026-01-18",0.9854,{"date":359,"score":278,"percentile":360},"2026-01-19",0.98541,{"date":362,"score":278,"percentile":360},"2026-01-20",{"date":364,"score":278,"percentile":365},"2026-01-21",0.98542,{"date":367,"score":278,"percentile":302},"2026-01-22",{"date":369,"score":278,"percentile":318},"2026-01-23",{"date":371,"score":278,"percentile":315},"2026-01-24",{"date":373,"score":278,"percentile":315},"2026-01-25",{"date":375,"score":278,"percentile":376},"2026-01-26",0.98547,{"date":378,"score":278,"percentile":379},"2026-01-27",0.98548,{"date":381,"score":278,"percentile":382},"2026-01-28",0.98549,{"date":384,"score":278,"percentile":382},"2026-01-29",{"date":386,"score":278,"percentile":387},"2026-01-30",0.9855,{"date":389,"score":278,"percentile":382},"2026-01-31",{"date":391,"score":278,"percentile":392},"2026-02-01",0.98561,[394,399,401],{"source":115,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":395,"cvss_v4_0":9},{"baseScore":113,"baseSeverity":396,"vectorString":116,"impactScore":397,"exploitabilityScore":398},"MEDIUM",4.5,7.2,{"source":121,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":400,"cvss_v4_0":9},{"baseScore":113,"baseSeverity":396,"vectorString":116,"impactScore":397,"exploitabilityScore":398},{"source":122,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":402,"cvss_v4_0":9},{"baseScore":113,"baseSeverity":9,"vectorString":116,"impactScore":397,"exploitabilityScore":398},[404,418],{"ecosystem":405,"name":406,"vendor":405,"product":406,"cpe_part":9,"purl_type":407,"purl_namespace":9,"purl_name":406,"source":9,"versions":408},"PyPI","twisted","pypi",[409,415],{"version":410,"is_range":411,"range_type":412,"version_start":9,"version_start_type":9,"version_end":413,"version_end_type":414,"fixed_in":9},"lt046a164f89a0f08d3239ecebd750360f8914df33",true,"ecosystem","046a164f89a0f08d3239ecebd750360f8914df33","excluding",{"version":416,"is_range":411,"range_type":412,"version_start":9,"version_start_type":9,"version_end":417,"version_end_type":414,"fixed_in":9},"lt24_7_0rc1","24.7.0rc1",{"ecosystem":9,"name":406,"vendor":406,"product":406,"cpe_part":419,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":420},"a",[421],{"version":422,"is_range":411,"range_type":423,"version_start":9,"version_start_type":9,"version_end":424,"version_end_type":425,"fixed_in":9},"lte24.3.0","cpe","24.3.0","including"]