Lucene search

K

GoogleOSV:PYSEC-2014-79

HistoryJun 16, 2014 - 6:55 p.m.

PYSEC-2014-79

2014-06-1618:55:00

Google

osv.dev

7

0.003 Low

EPSS

Percentile

65.8%

Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name.

CPENameOperatorVersion
djbletseq0.7.20
djbletseq0.6.6
djbletseq0.7.4
djbletseq0.7.23
djbletseq0.6.16
djbletseq0.7.27
djbletseq0.6.30
djbletseq0.5.6
djbletseq0.7.7
djbletseq0.6.20

Rows per page:

1-10 of 761

References

seclists.org/oss-sec/2014/q2/494

seclists.org/oss-sec/2014/q2/498

secunia.com/advisories/58691

github.com/djblets/djblets/commit/50000d0bbb983fa8c097b588d06b64df8df483bd

github.com/djblets/djblets/commit/77ac64642ad530bf69e390c51fc6fdcb8914c8e7

github.com/djblets/djblets/commit/e2c79117efd925636acd871a5f473512602243cf

0.003 Low

EPSS

Percentile

65.8%

Related for OSV:PYSEC-2014-79

ubuntucve1 osv1 cve1 nvd1 github1 cvelist1 gitlab1 prion1 openvas1 mageia1