CVE-2020-13596

2020-06-03T16:52:25
ID RH:CVE-2020-13596
Type redhatcve
Reporter redhat.com
Modified 2021-04-29T21:14:26

Description

A flaw was found in Django: the query parameters for the admin widget ForeignKeyRawIdWidget were not properly URL-encoded. This flaw allows an attacker to perform a cross-site scripting (XSS) attack. The highest threat from this vulnerability is to confidentiality.
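The bug class described above, shown as an added example that is not Django's code or part of the original advisory: a link builder that pastes query parameters into an `href` unchanged, next to a hardened one that percent-encodes the query and HTML-escapes the attribute. The function names, the path and the sample values are constructed for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed sample values: a quote that can end the href attribute early,
# and an "&" that can split one parameter into two.
PARAMS = {"name": '1" data-constructed="x', "q": "a&b=c"}
BASE = "/admin/app/author/"  # hypothetical changelist path


def link_unencoded(base, params):
    """'Before' pattern: values are pasted into the query string unchanged."""
    query = "&".join(f"{k}={v}" for k, v in params.items())
    return f'<a href="{base}?{query}">lookup</a>'


def link_encoded(base, params):
    """Hardened: percent-encode the query, then HTML-escape the attribute."""
    url = f"{base}?{urlencode(params)}"
    return f'<a href="{escape(url, quote=True)}">lookup</a>'


class _TagCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(dict(attrs))


def inspect_link(markup):
    """Return (attributes of the first tag, query parameters decoded from href)."""
    parser = _TagCollector()
    parser.feed(markup)
    parser.close()
    attrs = parser.tags[0]
    query = parse_qs(urlsplit(attrs["href"]).query)
    return attrs, {k: v[0] for k, v in query.items()}


if __name__ == "__main__":
    for build in (link_unencoded, link_encoded):
        attrs, decoded = inspect_link(build(BASE, PARAMS))
        print(build.__name__, sorted(attrs), decoded == PARAMS)
```

With the unencoded builder the parameter value leaks out of the `href` and becomes a separate attribute on the tag; with the encoded builder the tag carries only `href` and the parameters round-trip unchanged.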