Описание
Cross-Site Scripting
Django-Rest-Framework, before 3.9.1, has a XSS vulnerability caused by disabled autoescaping in the default DRF Browsable API view templates.
Пакеты
Наименование
djangorestframework
pip
Затронутые версииВерсия исправления
< 3.9.1
3.9.1