
6 matches found

Tenable Nessus
added 2025/08/30 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-25626

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properl...

CVSS 6.1 · AI score 6.3 · EPSS 0.00715
Exploits 0 · References 2
PyPA
added 2020/09/30 8:15 p.m. · 7 views

PYSEC-2020-263

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious...

CVSS 6.1 · AI score 6.5 · EPSS 0.00715
Exploits 0 · References 3 · Affected Software 1
OSV
added 2020/09/30 8:15 p.m. · 4 views

PYSEC-2020-263

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

CVSS 6.1 · AI score 6.3 · EPSS 0.00715
Exploits 0 · References 3
UbuntuCve
added 2020/09/30 8:15 p.m. · 23 views

CVE-2020-25626

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

CVSS 6.1 · AI score 6.3 · EPSS 0.00715
Exploits 0 · References 2
CVE
added 2020/09/30 7:24 p.m. · 217 views

CVE-2020-25626

CVE-2020-25626 affects Django REST Framework (DRF) with versions prior to 3.12.0 and prior to 3.11.2. The flaw is an improper escape of certain user-controlled strings in the browseable API viewer, allowing injection of script tags (XSS). Impact is limited to cases where attackers can influence t...

CVSS 6.1 · AI score 5.8 · EPSS 0.00715
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2020/09/30 12:0 a.m. · 4 views

PT-2020-16135 · Django +1 · Django Rest Framework +1

Name of the Vulnerable Software and Affected Versions: Django REST Framework versions prior to 3.12.0; Django REST Framework versions prior to 3.11.2. Description: A flaw in Django REST Framework allows for a cross-site scripting (XSS) issue when using the browseable API viewer. The framework fails t...

CVSS 6.1 · AI score 6 · EPSS 0.00715
Exploits 0 · References 27