81 matches found
EUVD-2014-0017
Malware in sbrugna...
EUVD-2019-0044
Malware in sbrugna...
EUVD-2014-0016
Malware in sbrugna...
Djblets Cross-site scripting Vulnerability
A cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...
GHSA-4XF6-XR96-7VMP Djblets Cross-site scripting Vulnerability
A cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...
Djiblets Cross-site scripting Vulnerability via JSON Objects
A cross-site scripting XSS vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user...
Djiblets Cross-site scripting Vulnerability via JSON Objects
A cross-site scripting XSS vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user...
Djblets Cross-site scripting Vulnerability
A cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...
GHSA-58H8-44MG-R43X ReviewBoard and Djblets library are vulnerable to code execution
An eval vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code...
ReviewBoard and Djblets library are vulnerable to code execution
An eval vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code...
ReviewBoard and Djblets library are vulnerable to code execution
An eval vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code...
Mageia: Security Advisory (MGASA-2014-0462)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-4409
An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...
PYSEC-2019-175
An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...
Code injection
An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...
PYSEC-2019-175
An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...
CVE-2013-4409
An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...
CVE-2013-4409
An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...
CVE-2013-4409
CVE-2013-4409 involves an eval() vulnerability in Python DJblets and Beanbag Review Board when parsing JSON requests. Connected sources confirm a code-execution risk in Djblets around 0.7.x and Review Board prior to 1.7.15, with variants mentioning older sub-versions (e.g., 0.6.30/0.7.0 lines) an...
FreeBSD : py-djblets -- Self-XSS vulnerability (df328fac-f942-11e5-92ce-002590263bf5)
Djblets Release Notes reports : A recently-discovered vulnerability in the datagrid templates allows an attacker to generate a URL to any datagrid page containing malicious code in a column sorting value. If the user visits that URL and then clicks that column, the code will execute. The cause of...