Количество 4
Количество 4
CVE-2012-3442
The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL.
CVE-2012-3442
The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL.
CVE-2012-3442
The (1) django.http.HttpResponseRedirect and (2) django.http.HttpRespo ...
GHSA-78vx-ggch-wghm
Django Allows Redirect via Data URL
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2012-3442 The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL. | CVSS2: 4.3 | 0% Низкий | почти 13 лет назад |
 | CVE-2012-3442 The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL. | CVSS2: 4.3 | 0% Низкий | почти 13 лет назад |
| CVE-2012-3442 The (1) django.http.HttpResponseRedirect and (2) django.http.HttpRespo ... | CVSS2: 4.3 | 0% Низкий | почти 13 лет назад |
| GHSA-78vx-ggch-wghm Django Allows Redirect via Data URL | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу