7 matches found
CVE-2020-19002
Cross Site Scripting XSS in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different than CVE-2018-16632...
CVE-2020-19002
Cross Site Scripting XSS in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different than CVE-2018-16632...
cartridge-braintree (>=1.2.1 <=1.2.2), django-clubhouse (>=0.0.1 <=0.2.19) +1 more potentially affected by CVE-2020-19002 via mezzanine (>=4.1.0 <=4.3.1)
mezzanine PYPI version =4.1.0, =1.2.1, =0.0.1, =0.1.0b1, =1.7.1 Source cves: CVE-2020-19002 Source advisory: OSV:PYSEC-2021-343...
cartridge (>=0.9.0 <=1.3.4), cartridge-braintree (>=1.0.0 <=3.0.6) +16 more potentially affected by CVE-2020-19002 via mezzanine (>=6.0.0 <=6.1.1)
mezzanine PYPI version =6.0.0, =0.9.0, =1.0.0, =0.2.0, =0.1.0, =0.1.5, =1.0.0, =1.0.1, =0.1.0a1, =0.3.0, =1.0.0, =0.3.0, =1.4.0, =0.1.3, =1.0.0, =1.2.0 and more Source cves: CVE-2020-19002 Source advisory: OSV:PYSEC-2021-343...
open-helpdesk (>=0.4.1 <=0.4.4) potentially affected by CVE-2020-19002 via mezzanine (=3.1.10)
mezzanine PYPI version =3.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on mezzanine and may be impacted: - open-helpdesk =0.4.1, =0.4.4 Source cves: CVE-2020-19002 Source advisory: OSV:PYSEC-2021-343...
CVE-2020-19002
Cross Site Scripting XSS in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different than CVE-2018-16632...
CVE-2020-19002
Mezzanine 4.3.1 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to execute arbitrary code through the Description field in admin/blog/blogpost/add/. Root cause is XSS in the Description field, distinct from CVE-2018-16632. No exploit status or patch details ...