Description
Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping.
| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 3.10.2-1 |
| esm-apps/jammy | not-affected | |
| esm-apps/noble | not-affected | |
| esm-apps/xenial | needs-triage | |
| focal | not-affected | 3.10.2-1 |
| jammy | not-affected | |
| kinetic | not-affected | |
Source references
6.1 Medium
CVSS3
Related vulnerabilities
CVSS3: 6.1
nvd
more than 3 years ago
Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping.
CVSS3: 6.1
debian
more than 3 years ago
Django REST framework (aka django-rest-framework) before 3.9.1 allows ...