Логотип exploitDog
bind:CVE-2013-6044
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2013-6044

Количество 5

Количество 5

ubuntu логотип

CVE-2013-6044

почти 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3
EPSS: Низкий
redhat логотип

CVE-2013-6044

почти 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2013-6044

почти 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2013-6044

почти 12 лет назад

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6 ...

CVSS2: 4.3
EPSS: Низкий
github логотип

GHSA-9cwg-mhxf-hh59

около 3 лет назад

Django cross-site scripting (XSS) vulnerability via is_safe_url function

CVSS3: 6.1
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2013-6044

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3
4%
Низкий
почти 12 лет назад
redhat логотип
CVE-2013-6044

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3
4%
Низкий
почти 12 лет назад
nvd логотип
CVE-2013-6044

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting (XSS) or other vulnerabilities into Django applications that use this function, as demonstrated by "the login view in django.contrib.auth.views" and the javascript: scheme.

CVSS2: 4.3
4%
Низкий
почти 12 лет назад
debian логотип
CVE-2013-6044

The is_safe_url function in utils/http.py in Django 1.4.x before 1.4.6 ...

CVSS2: 4.3
4%
Низкий
почти 12 лет назад
github логотип
GHSA-9cwg-mhxf-hh59

Django cross-site scripting (XSS) vulnerability via is_safe_url function

CVSS3: 6.1
4%
Низкий
около 3 лет назад

Уязвимостей на страницу