CVE-2024-11404

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...

Arbitrary File Upload

djangofiler is vulnerable to Arbitrary file upload. The vulnerability is due to improper input validation and the lack of neutralization of script-related HTML tags in django Filer, allows attackers to upload files with dangerous types and manipulate input data, leading to stored XSS...

danceschool-dancervax (>=0.1.1 <=0.1.5), django-danceschool (>=0.9.1 <=0.9.3) +5 more potentially affected by CVE-2024-11404 via django-filer (=3.0.3)

django-filer PYPI version =3.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on django-filer and may be impacted: - danceschool-dancervax =0.1.1, =0.9.1, =0.2.0.0, =1.16.0, =2.7.1 Source cves: CVE-2024-11404 Source advisory:...

Arbitrary File Upload

Overview django-filer is an A file management application for django that makes handling of files and images a breeze. Affected versions of this package are vulnerable to Arbitrary File Upload via the file upload mechanism allowing, by default, the upload of binary or unknown file types...

GHSA-J4V3-WWWX-5GQV Django Filer Unrestricted Upload of File with Dangerous Type

Unrestricted Upload of File with Dangerous Type, Improper Input Validation, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS.This issue affects django Filer: from 3 before 3....

aldryn-events (>=1.1.1 <=2.0.0), aldryn-forms (>=3.0.4 <=3.0.5) +38 more potentially affected by CVE-2024-11404 via django-filer (>=0.9.9 <=3.0.3)

django-filer PYPI version =0.9.9, =1.1.1, =3.0.4, =1.1.1, =0.2.0, =0.1.1, =0.1.1, =1.4.3, =0.1.0, =0.6.2, =0.0.1, =0.1.0, =0.3.1 - django-imagedeck =0.3.3 and more Source cves: CVE-2024-11404 Source advisory: OSV:GHSA-J4V3-WWWX-5GQV...

CVE-2024-11404

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...

CVE-2024-11404

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...

CVE-2024-11404

CVE-2024-11404 : Affected software is Django Filer (used with Django CMS). The vulnerability is an Unrestricted Upload of File with Dangerous Type and Stored XSS caused by input data manipulation and improper neutralization of script-related HTML tags. Impact is stored XSS with potential data han...

CVE-2024-11404 File Upload Bypass in django Filer

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...

CVE-2024-11404 File Upload Bypass in django Filer

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...

Django Filer 代码问题漏洞

Django Filer is an open source file management application for Django from the Django CMS Association. A code issue vulnerability exists in Django Filer version 3 up to and including version 3.3, which stems from allowing unlimited uploads of dangerous types of files, improper input validation, a...

PT-2024-16962

Name of the Vulnerable Software and Affected Versions django Filer versions 3.0 through 3.2 Description The issue is related to an Unrestricted Upload of File with Dangerous Type, Improper Input Validation, and Improper Neutralization of Script-Related HTML Tags in a Web Page, which can lead to...