Django is the Django Foundation’s set of open source web application framework based on the Python language. The framework includes an object-oriented mapper, view system, template system, etc. A cross-site scripting vulnerability exists in Django version 3.7.3, which stems from not validating the plugin_type parameter when generating error messages for invalid plugin types. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
django django | eq | 3.7.3 |