Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2021/06/10 5:21 p.m.94 views

Path Traversal in Django

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been...

4.9CVSS4.4AI score0.02737EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2021/06/08 6:15 p.m.32 views

CVE-2021-33203

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been...

4.9CVSS6AI score
Exploits0References5
Prion
Prion
added 2021/06/08 6:15 p.m.28 views

Directory traversal

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been...

4CVSS5.8AI score0.02737EPSS
Exploits0References5Affected Software2
Veracode
Veracode
added 2021/06/03 5:59 a.m.42 views

Directory Traversal

django is vulnerable to Directory Traversal. Lack of path sanitation allows checking of existence of arbitrary files via the use of admindocs TemplateDetailView view by any staff members. Moreover, the default admindocs templates allows developers to customize in such a way that reveals the conte...

4.9CVSS6AI score0.02737EPSS
Exploits0References11Affected Software4
Rows per page
Query Builder