2 matches found
CVE-2026-43879
WWBN AVideo is an open source video platform. In versions up to and including 29.0, an authenticated user can configure their own donation-notification webhook URL to point at internal/loopback/metadata hosts e.g. http://127.0.0.1:8080/..., http://169.254.169.254/latest/..., RFC1918 addresses. Wh...
Django 'utils.http.is_safe_url' function cross-site scripting vulnerability
Django is Django Software Foundation of an open source Web application framework using the Python language . The framework includes an object-oriented mapper, view system, template system and so on. A security vulnerability exists in Django's 'utils.http.issafeurl' function, which stems from the...