4 matches found
CVE-2024-50810
hopetree izone lts c011b48 contains a Cross Site Scripting XSS vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView does not securely filter user input and renders it directly to the frontend page through templates...
izone 安全漏洞
izone is a Django-based blogging project by the individual developer of Hopetree. A security vulnerability exists in izone, which stems from the AddCommintView function in appscommentviews.py contains a cross-site scripting XSS vulnerability...
CVE-2024-50810
hopetree izone lts c011b48 contains a Cross Site Scripting XSS vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView does not securely filter user input and renders it directly to the frontend page through templates...
CVE-2024-50810
CVE-2024-50810 affects hopetree izone lts (version c011b48). The vulnerability is a Cross Site Scripting (XSS) in the article comment function, caused by AddCommintView() not properly filtering user input and rendering it directly via templates in apps/comment/views.py. This can allow attacker-co...