Уязвимость CVE-2016-6186

Пакет	Статус	Версия исправления	Релиз	Тип
python-django	fixed	1:1.9.8-1		package

CVE-2016-6186

CVSS3: 6.1

ubuntu

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or HTML via vectors involving unsafe usage of Element.innerHTML.

CVE-2016-6186

CVSS3: 6.1

redhat

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or HTML via vectors involving unsafe usage of Element.innerHTML.

CVE-2016-6186

CVSS3: 6.1

nvd

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or HTML via vectors involving unsafe usage of Element.innerHTML.

GHSA-c8c8-9472-w52h

CVSS3: 6.1

github

около 3 лет назад

Django Cross-site scripting Vulnerability

openSUSE-SU-2018:0826-1

suse-cvrf

больше 7 лет назад

Security update for python-Django

exploitDog

CVE-2016-6186

Описание

Пакеты

Примечания

Связанные уязвимости