5 matches found

GitLab Advisory Database
added 2022/05/17 12:0 a.m. | 16 views

Djblets Cross-site scripting Vulnerability

A cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...

CVSS 4.3 | AI score 5.2 | EPSS 0.00407
Exploits: 1 | References: 9 | Affected Software: 1

OSV
added 2019/07/10 5:15 p.m. | 1 views

ALPINE-CVE-2019-13122

A Cross Site Scripting (XSS) vulnerability exists in the template tag used to render message ids in Patchwork v1.1 through v2.1.x. This allows an attacker to insert JavaScript or HTML into the patch detail page via an email sent to a mailing list consumed by Patchwork. This affects the function msg...

CVSS 6.1 | AI score 5.9 | EPSS 0.00717
Exploits: 0 | References: 1

PyPA
added 2014/06/16 6:55 p.m. | 5 views

PYSEC-2014-79

Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...

CVSS 4.3 | AI score 6 | EPSS 0.00407
Exploits: 1 | References: 7 | Affected Software: 1

PyPA
added 2014/06/16 6:55 p.m. | 5 views

PYSEC-2014-78

Cross-site scripting (XSS) vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user na...

CVSS 4.3 | AI score 6 | EPSS 0.00588
Exploits: 1 | References: 9 | Affected Software: 1

CVE
added 2014/06/16 6:0 p.m. | 53 views

CVE-2014-3995

Djblets gravatars.py XSS (CVE-2014-3995) affects Djblets for Django via user display name. The vulnerable code paths are in gravatars/templatetags/gravatars.py, with flaws present in versions before 0.7.30 and in 0.8.x before 0.8.3. Exploitation allows remote attackers to inject arbitrary web scr...

CVSS 4.3 | AI score 5.6 | EPSS 0.00407
Exploits: 1 | References: 6 | Affected Software: 1