Lucene search
HistoryMar 12, 2015 - 2:59 p.m.
CVE-2015-2241
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
64.9%
Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a @property.
Affected configurations
Node
djangoprojectdjangoRange≤1.7.5
ORdjangoprojectdjangoMatch1.8beta1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| djangoproject | django | * | cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* |
| djangoproject | django | 1.8 | cpe:2.3:a:djangoproject:django:1.8:beta1:*:*:*:*:*:* |
Related
archlinux
archlinux
python2-django python-django - cross site scripting
2015-03-11 00:00:00
osv
osv
Django Cross-site Scripting Vulnerability
2022-05-17 03:34:12
PYSEC-2015-8
2015-03-12 14:59:00
debiancve
debiancve
CVE-2015-2241
2015-03-12 14:59:05
cvelist
cvelist
CVE-2015-2241
2015-03-12 14:00:00
ubuntucve
ubuntucve
CVE-2015-2241
2015-03-12 00:00:00
github
github
Django Cross-site Scripting Vulnerability
2022-05-17 03:34:12
prion
prion
Cross site scripting
2015-03-12 14:59:00
cve
cve
CVE-2015-2241
2015-03-12 14:59:05
mageia
mageia
Updated python-django packages fix security vulnerabilities
2015-04-03 16:11:23
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0127)
2022-01-28 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : python-django (MDVSA-2015:109)
2015-03-30 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
64.9%
Related for NVD:CVE-2015-2241