Lucene search
K

4 matches found

EUVD
EUVD
added 2026/03/26 7:4 p.m.9 views

EUVD-2026-16311

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the FDC USDA FoodData Central search endpoint constructs an upstream API URL by directly interpolating the user-supplied query parameter into the URL string without...

6.5CVSS5.8AI score0.00467EPSS
Exploits1References1
OSV
OSV
added 2020/06/05 4:24 p.m.2 views

GHSA-2M34-JCJV-45XF XSS in Django

An issue was discovered in Django version 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack...

6.1CVSS6.8AI score0.02873EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2020/06/03 12:0 a.m.8 views

PT-2020-5464 · Django +3 · Django +3

Name of the Vulnerable Software and Affected Versions: Django versions 2.2 before 2.2.13 Django versions 3.0 before 3.0.7 Description: An issue in the Django admin ForeignKeyRawIdWidget allows for a possibility of an XSS attack due to query parameters not being properly URL encoded. This could...

9.8CVSS6.3AI score0.99856EPSS
Exploits42References223
OSV
OSV
added 2007/10/12 10:17 a.m.6 views

DEBIAN-CVE-2007-5386

Cross-site scripting XSS vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3CVSS5.6AI score0.03326EPSS
Exploits0References1
Rows per page
Query Builder