Lucene search
Veracode Vulnerability DatabaseVERACODE:25037HistoryApr 16, 2020 - 5:56 a.m.
Cross-site Scripting (XSS)
2020-04-1605:56:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
39.3%
wagtail is vulnerable to cross-site scripting (XSS). The vulnerability exists as the page revision history output is returned as unescaped HTML when viewed in the admin interface.
References
github.com/advisories/GHSA-v2wc-pfq2-5cm6
github.com/wagtail/wagtail/commit/61045ceefea114c40ac4b680af58990dbe732389
github.com/wagtail/wagtail/commit/e4c0a9f61cc2ee9a69120f144d51af97114d375a
github.com/wagtail/wagtail/releases/tag/v2.8.1
github.com/wagtail/wagtail/security/advisories/GHSA-v2wc-pfq2-5cm6
Related
cvelist
cvelist
CVE-2020-11001 Possible XSS attack in Wagtail
2020-04-14 23:05:14
cve
cve
CVE-2020-11001
2020-04-14 23:15:11
freebsd
freebsd
Wagtail -- XSS vulnerability
2020-04-03 00:00:00
prion
prion
Cross site scripting
2020-04-14 23:15:00
osv
osv
CVE-2020-11001
2020-04-14 23:15:11
PYSEC-2020-152
2020-04-14 23:15:00
Possible XSS attack in Wagtail
2020-04-14 23:09:29
github
github
Possible XSS attack in Wagtail
2020-04-14 23:09:29
nvd
nvd
CVE-2020-11001
2020-04-14 23:15:11
nessus
nessus