5 matches found
CVE-2024-11404
Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...
danceschool-dancervax (>=0.1.1 <=0.1.5), django-danceschool (>=0.9.1 <=0.9.3) +5 more potentially affected by CVE-2024-11404 via django-filer (=3.0.3)
django-filer PYPI version =3.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on django-filer and may be impacted: - danceschool-dancervax =0.1.1, =0.9.1, =0.2.0.0, =1.16.0, =2.7.1 Source cves: CVE-2024-11404 Source advisory:...
CVE-2024-11404 File Upload Bypass in django Filer
Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...
CVE-2024-11404
CVE-2024-11404 : Affected software is Django Filer (used with Django CMS). The vulnerability is an Unrestricted Upload of File with Dangerous Type and Stored XSS caused by input data manipulation and improper neutralization of script-related HTML tags. Impact is stored XSS with potential data han...
CVE-2024-11404 File Upload Bypass in django Filer
Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS. This issue affects django Filer: from 3 before 3.3...