Количество 3
Количество 3
CVE-2021-44649
Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. The vulnerability allows an attacker to execute arbitrary JavaScript code in the web browser of the affected user.
CVE-2021-44649
Django CMS 3.7.3 does not validate the plugin_type parameter while gen ...
GHSA-hx7c-qpfq-xcrp
Cross-site Scripting in django-cms
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-44649 Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. The vulnerability allows an attacker to execute arbitrary JavaScript code in the web browser of the affected user. | CVSS3: 5.4 | 1% Низкий | около 4 лет назад |
| CVE-2021-44649 Django CMS 3.7.3 does not validate the plugin_type parameter while gen ... | CVSS3: 5.4 | 1% Низкий | около 4 лет назад |
| GHSA-hx7c-qpfq-xcrp Cross-site Scripting in django-cms | CVSS3: 5.4 | 1% Низкий | около 4 лет назад |
Уязвимостей на страницу