5 matches found
CVE-2022-4581
A vulnerability was found in 1j01 mind-map and classified as problematic. This issue affects some unknown processing of the file app.coffee. The manipulation of the argument html leads to cross site scripting. The attack may be initiated remotely. The name of the patch is...
CVE-2022-4581
The CVE-2022-4581 entry concerns 1j01 mind-map. A cross-site scripting vulnerability arises from manipulation of the html argument in the app.coffee processing path, with remote initiation possible. Applying the patch named 9617e6084dfeccd92079ab4d7f439300a4b24394 is recommended to fix the issue. Connected sources...
The vulnerability of the `django.utils.text.Truncator` class’s `chars()` and `words()` methods in the Django web development framework allows an attacker to cause a denial-of-service attack.
The vulnerability of the django.utils.text.Truncator class’s chars and words methods in the Django web development framework is related to the improper handling of the True value as an argument to html. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
CVE-2019-14232
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...
UBUNTU-CVE-2019-14232
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...