Page 3 of 21 results (0.006 seconds)
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2015-2241 – Mandriva Linux Security Advisory 2015-109
https://notcve.org/view.php?id=CVE-2015-2241
12 Mar 2015 — Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a @property. Vulnerabilidad de XSS en la función de contenidos en admin/helpers.py en Django anterior a 1.7.6 y 1.8 anterior a 1.8b2 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de un atributo de mode... • http://www.mandriva.com/security/advisories?name=MDVSA-2015:109 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •