2 matches found
GHSA-2M34-JCJV-45XF XSS in Django
An issue was discovered in Django version 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack...
PT-2020-5464
Name of the Vulnerable Software and Affected Versions Django versions 2.2 before 2.2.13 Django versions 3.0 before 3.0.7 Description An issue in the Django admin ForeignKeyRawIdWidget allows for a possibility of an XSS attack due to query parameters not being properly URL encoded. This could enab...