Описание
Django MarkdownX Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting (XSS) vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements.
Пакеты
Наименование
django-markdownx
pip
Затронутые версииВерсия исправления
<= 4.0.2
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
почти 2 года назад
Cross-Site Scripting (XSS) vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements.