Описание
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.2.5-1ubuntu1 |
| hardy | ignored | end of life |
| karmic | released | 1.1.1-1ubuntu1.2 |
| lucid | released | 1.1.1-2ubuntu1.3 |
| maverick | released | 1.2.3-1ubuntu0.2.10.10.2 |
| natty | released | 1.2.5-1ubuntu1 |
| oneiric | released | 1.2.5-1ubuntu1 |
| upstream | released | 1.1.4, 1.2.5-1 |
Показывать по
10
EPSS
Процентиль: 86%
0.02962
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 14 лет назад
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.
debian
больше 14 лет назад
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 ...
EPSS
Процентиль: 86%
0.02962
Низкий
4.3 Medium
CVSS2