exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2013-6044

около 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3

EPSS: Низкий

CVE-2013-6044

больше 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3

EPSS: Низкий

CVE-2013-6044

около 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3

EPSS: Низкий

CVE-2013-6044

около 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6 ...

CVSS2: 4.3

EPSS: Низкий

GHSA-9cwg-mhxf-hh59

больше 3 лет назад

Django cross-site scripting (XSS) vulnerability via is_safe_url function

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2013-6044 The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.	CVSS2: 4.3	4% Низкий	около 12 лет назад
CVE-2013-6044 The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.	CVSS2: 4.3	4% Низкий	больше 12 лет назад
CVE-2013-6044 The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.	CVSS2: 4.3	4% Низкий	около 12 лет назад
CVE-2013-6044 The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6 ...	CVSS2: 4.3	4% Низкий	около 12 лет назад
GHSA-9cwg-mhxf-hh59 Django cross-site scripting (XSS) vulnerability via is_safe_url function	CVSS3: 6.1	4% Низкий	больше 3 лет назад

Уязвимостей на страницу