Lucene search
K

51 matches found

vulnersosv
vulnersosv
added 2022/07/24 12:0 a.m.8 views

abaci-users (=0.1.0), burl (=1.0.0) +79 more potentially affected by CVE-2018-25045 via django-rest-framework (=0.1.0)

django-rest-framework PYPI version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on django-rest-framework and may be impacted: - abaci-users =0.1.0 - burl =1.0.0 - coopstarter-data =0.1.1, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.4, =0.5.0,...

6.1CVSS6.3AI score0.00597EPSS
Exploits0
github
github
added 2022/07/24 12:0 a.m.31 views

Django REST framework XSS Vulnerability

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

6.1CVSS6.3AI score0.00597EPSS
Exploits0References5Affected Software1
osv
osv
added 2022/07/23 2:15 a.m.3 views

DEBIAN-CVE-2018-25045

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

6.1CVSS6AI score0.00597EPSS
Exploits0References1
osv
osv
added 2022/07/23 2:15 a.m.29 views

CVE-2018-25045

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

6.1CVSS6AI score
Exploits0References3
ubuntucve
ubuntucve
added 2022/07/23 2:15 a.m.29 views

CVE-2018-25045

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

6.1CVSS6.3AI score0.00597EPSS
Exploits0References5
osv
osv
added 2022/07/23 2:15 a.m.6 views

UBUNTU-CVE-2018-25045

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

6.1CVSS5.8AI score0.00597EPSS
Exploits0References5
prion
prion
added 2022/07/23 2:15 a.m.22 views

Cross site scripting

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

5.8CVSS5.9AI score0.00597EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2022/07/23 1:43 a.m.30 views

CVE-2018-25045

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

6AI score0.00597EPSS
Exploits0References3
cve
cve
added 2022/07/23 1:43 a.m.2128 views

CVE-2018-25045

Django REST framework (django-rest-framework) before 3.9.1 is vulnerable to cross-site scripting (XSS) because the default Browsable API templates disable autoescaping. This causes unescaped content to be rendered in the Browsable API UI, enabling potential script injection when user-supplied dat...

6.1CVSS5.8AI score0.00597EPSS
Exploits0References3Affected Software1
debiancve
debiancve
added 2022/07/23 1:43 a.m.71 views

CVE-2018-25045

Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...

6.1CVSS3.1AI score0.00597EPSS
Exploits0
debian
debian
added 2022/07/22 1:1 p.m.89 views

[SECURITY] [DSA 5186-1] djangorestframework security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5186-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 22, 2022 https://www.debian.org/security/faq -...

6.1CVSS6.3AI score0.01286EPSS
Exploits0
osv
osv
added 2021/03/19 9:32 p.m.6 views

GHSA-FX83-3PH3-9J2Q Cross-site Scripting (XSS) in Django REST Framework

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

6.1CVSS6.3AI score0.01286EPSS
Exploits0References7
github
github
added 2021/03/19 9:32 p.m.103 views

Cross-site Scripting (XSS) in Django REST Framework

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

6.1CVSS6AI score0.01286EPSS
Exploits0References6Affected Software1
osv
osv
added 2020/09/30 8:15 p.m.33 views

CVE-2020-25626

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

6.1CVSS6AI score
Exploits0References3
nvd
nvd
added 2020/09/30 8:15 p.m.22 views

CVE-2020-25626

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

6.1CVSS0.01286EPSS
Exploits0References3
osv
osv
added 2020/09/30 8:15 p.m.4 views

UBUNTU-CVE-2020-25626

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

6.1CVSS5.7AI score0.01286EPSS
Exploits0References3
pypa
pypa
added 2020/09/30 8:15 p.m.11 views

PYSEC-2020-263

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious...

6.1CVSS6.5AI score0.01286EPSS
Exploits0References3Affected Software1
ubuntucve
ubuntucve
added 2020/09/30 8:15 p.m.32 views

CVE-2020-25626

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

6.1CVSS6.3AI score0.01286EPSS
Exploits0References2
osv
osv
added 2020/09/30 8:15 p.m.10 views

PYSEC-2020-263

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

6.1CVSS6.3AI score0.01286EPSS
Exploits0References3
prion
prion
added 2020/09/30 8:15 p.m.25 views

Cross site scripting

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...

4.3CVSS6AI score0.01286EPSS
Exploits0References3Affected Software3
Rows per page
Query Builder