2 matches found
The vulnerability of the strip_tags() function in the django.utils.html module of the Django software framework allows an attacker to cause a denial-of-service attack.
The vulnerability of the striptags function in the django.utils.html module of the Django software framework relates to unlimited resource allocation due to improper escaping of HTML characters. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending special...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It is possible to smuggle malicious JavaScript without the --unsafe option through HTML entities. PoC link. Details: Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a...