Lucene search
HistoryMar 12, 2015 - 2:59 p.m.
CVE-2015-2241
cve
2015
2241
cross-site scripting
xss vulnerability
django
admin/helpers.py
5.5 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
64.7%
Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a @property.
| CPE | Name | Operator | Version |
|---|---|---|---|
| djangoproject:django | djangoproject django | le | 1.7.5 |
| djangoproject:django | djangoproject django | eq | 1.8 |
Related
osv
osv
Django Cross-site Scripting Vulnerability
2022-05-17 03:34:12
PYSEC-2015-8
2015-03-12 14:59:00
archlinux
archlinux
python2-django python-django - cross site scripting
2015-03-11 00:00:00
cvelist
cvelist
CVE-2015-2241
2015-03-12 14:00:00
debiancve
debiancve
CVE-2015-2241
2015-03-12 14:59:00
ubuntucve
ubuntucve
CVE-2015-2241
2015-03-12 00:00:00
github
github
Django Cross-site Scripting Vulnerability
2022-05-17 03:34:12
prion
prion
Cross site scripting
2015-03-12 14:59:00
mageia
mageia
Updated python-django packages fix security vulnerabilities
2015-04-03 16:11:23
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0127)
2022-01-28 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : python-django (MDVSA-2015:109)
2015-03-30 00:00:00
5.5 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
64.7%
Related for CVE-2015-2241