63 matches found
django: XSS in admin's add/change related popup
A cross-site scripting XSS flaw was found in Django. An attacker could exploit the unsafe usage of JavaScript's Element.innerHTML to forge content in the admin's add/change related pop-up. Element.textContent is now used to prevent XSS data execution...
django: XSS in admin's add/change related popup
A cross-site scripting XSS flaw was found in Django. An attacker could exploit the unsafe usage of JavaScript's Element.innerHTML to forge content in the admin's add/change related pop-up. Element.textContent is now used to prevent XSS data execution...
Null pointer dereference
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer...