6 matches found
CVE-2026-34231
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231 Slippers: Cross-Site Scripting (XSS) in `attrs` Template Tag
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231 Slippers: Cross-Site Scripting (XSS) in `attrs` Template Tag
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231
Slippers (Django UI component) before version 0.6.3 contains an XSS in the {% attrs %} template tag when untrusted data is interpolated into HTML attributes without escaping. The root cause is that AttrsNode.render() does not escape output, allowing injected HTML/JS to be rendered in the page. Th...
Slippers Vulnerable to Cross-Site Scripting (XSS) in `attrs` Template Tag
Summary A Cross-site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML attribute string without escaping, allowing an attacker to break o...