1. Jinja2 Security Update: CVE-2024-22195 Exposes XML Attribute Injection Risk
A critical security vulnerability in the widely-used Jinja2 templating engine has prompted an urgent update. The flaw, tracked as CVE-2024-22195, resides in the `xmlattr` filter, which in affected versions incorrectly accepts keys containing spaces. This creates a direct path for XML or HTML attribute injection, as eac...