7 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-25045
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping. CVE-2018-2504...
abaci-users (=0.1.0), burl (=1.0.0) +79 more potentially affected by CVE-2018-25045 via django-rest-framework (=0.1.0)
django-rest-framework PYPI version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on django-rest-framework and may be impacted: - abaci-users =0.1.0 - burl =1.0.0 - coopstarter-data =0.1.1, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.4, =0.5.0,...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
UBUNTU-CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
CVE-2018-25045
Django REST framework (django-rest-framework) before 3.9.1 is vulnerable to cross-site scripting (XSS) because the default Browsable API templates disable autoescaping. This causes unescaped content to be rendered in the Browsable API UI, enabling potential script injection when user-supplied dat...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...