Lucene search
Djangoblog ProjectDjangoblog
2 matches found
CVE-2019-14232
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability...
7.5CVSS7.6AI score0.02473EPSS
CVE-2023-2954
Cross-site Scripting (XSS) - Stored in GitHub repository liangliangyy/djangoblog prior to master.
5.4CVSS5.1AI score0.00106EPSS