Python's official documentation contains textbook example of insecure code (XSS)
Full Disclosure
mailing list archives
From: Georgi Guninski <gguninski () gmail com>
Date: Tue, 18 Feb 2025 11:46:54 +0200
Date: 2025-02-18
Author: Georgi Guninski
From the official Python 3.12 documentation on the CGI module [1]
===
form = cgi.FieldStorage()
if "name" not in form or "addr" not in form:
    print("<H1>Error</H1>")
    print("Please fill in the name and addr fields.")
    return
print("<p>name:", form["name"].va...
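Added example, not part of the original post or of the Python documentation: the output pattern from the quoted snippet next to a version that passes each request-derived value through html.escape before writing it into the page. It assumes urllib.parse.parse_qs as a stand-in for cgi.FieldStorage (the cgi module was removed in Python 3.13); the function names and the sample query string are constructed for illustration.

```python
import html
from urllib.parse import parse_qs

# Constructed sample query string: the "name" field carries markup.
SAMPLE_QUERY = "name=%3Cscript%3Ealert(1)%3C%2Fscript%3E&addr=1+Main+St+%26+Co"

ERROR_PAGE = "<H1>Error</H1>\nPlease fill in the name and addr fields."


def parse_fields(query):
    """Return the first value of each field (assumed stand-in for cgi.FieldStorage)."""
    return {key: values[0] for key, values in parse_qs(query).items()}


def render_unescaped(query):
    """Same output pattern as the quoted snippet: field values reach the HTML as-is."""
    form = parse_fields(query)
    if "name" not in form or "addr" not in form:
        return ERROR_PAGE
    return "<p>name: {}\n<p>addr: {}".format(form["name"], form["addr"])


def render_escaped(query):
    """Hardened form: every request-derived value is HTML-escaped before output."""
    form = parse_fields(query)
    if "name" not in form or "addr" not in form:
        return ERROR_PAGE
    # quote=True also escapes " and ', so the value stays inert inside attributes.
    name = html.escape(form["name"], quote=True)
    addr = html.escape(form["addr"], quote=True)
    return "<p>name: {}\n<p>addr: {}".format(name, addr)


if __name__ == "__main__":
    print(render_unescaped(SAMPLE_QUERY))
    print(render_escaped(SAMPLE_QUERY))
```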