exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2015-2317

около 10 лет назад

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.

CVSS2: 4.3

EPSS: Низкий

CVE-2015-2317

больше 10 лет назад

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.

CVSS2: 2.6

EPSS: Низкий

CVE-2015-2317

около 10 лет назад

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.

CVSS2: 4.3

EPSS: Низкий

CVE-2015-2317

около 10 лет назад

The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1. ...

CVSS2: 4.3

EPSS: Низкий

GHSA-7fq8-4pv5-5w5c

около 3 лет назад

Django cross-site scripting (XSS) attack via user-supplied redirect URLs

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-2317 The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.	CVSS2: 4.3	3% Низкий	около 10 лет назад
CVE-2015-2317 The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.	CVSS2: 2.6	3% Низкий	больше 10 лет назад
CVE-2015-2317 The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.	CVSS2: 4.3	3% Низкий	около 10 лет назад
CVE-2015-2317 The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1. ...	CVSS2: 4.3	3% Низкий	около 10 лет назад
GHSA-7fq8-4pv5-5w5c Django cross-site scripting (XSS) attack via user-supplied redirect URLs	CVSS3: 6.1	3% Низкий	около 3 лет назад

Уязвимостей на страницу