Lucene search

Django -- possible XSS in traceback section of technical 500 debug page

🗓️ 05 Sep 2017 00:00:00Reported by FreeBSDType

Django possible XSS in technical 500 debug pag

Reporter	Title	Published	Views	Family All 27
Cvelist	CVE-2017-12794	7 Sep 201713:00	–	cvelist
NVD	CVE-2017-12794	7 Sep 201713:29	–	nvd
Veracode	Cross-site Scripting (XSS)	6 Sep 201706:13	–	veracode
Prion	Cross site scripting	7 Sep 201713:29	–	prion
Fedora	[SECURITY] Fedora 26 Update: python-django-1.10.8-1.fc26	14 Sep 201721:56	–	fedora
Tenable Nessus	FreeBSD : Django -- possible XSS in traceback section of technical 500 debug page (aaab03be-932d-11e7-92d8-4b26fc968492)	7 Sep 201700:00	–	nessus
Tenable Nessus	Fedora 26 : python-django (2017-8614a6e905)	15 Sep 201700:00	–	nessus
Tenable Nessus	Ubuntu 17.10 : python-django vulnerabilities (USN-3559-1)	8 Feb 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : python3-Django (openSUSE-2018-318)	27 Mar 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : python-Django (openSUSE-2018-317)	27 Mar 201800:00	–	nessus

Source	Link
djangoproject	www.djangoproject.com/weblog/2017/sep/05/security-releases/

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	py27-django110	1.10.8	UNKNOWN
FreeBSD	any	noarch	py34-django110	1.10.8	UNKNOWN
FreeBSD	any	noarch	py35-django110	1.10.8	UNKNOWN
FreeBSD	any	noarch	py36-django110	1.10.8	UNKNOWN
FreeBSD	any	noarch	py27-django111	1.11.5	UNKNOWN
FreeBSD	any	noarch	py34-django111	1.11.5	UNKNOWN
FreeBSD	any	noarch	py35-django111	1.11.5	UNKNOWN
FreeBSD	any	noarch	py36-django111	1.11.5	UNKNOWN

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Sep 2017 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS24.3

CVSS36.1

EPSS0.00223