5.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.4%
Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the ‘Description’ field of the component ‘admin/blog/blogpost/add/’. This issue is different than CVE-2018-16632.
github.com/stephenmcd/mezzanine/issues/1921