
CVSS: 9.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

11 Jan 2024 — This package provides universal methods to use multiple template engines with the Fiber web framework using the Views interface. This vulnerability specifically impacts web applications that render user-supplied data through this template engine, potentially leading to the execution of malicious scripts in users' browsers when visiting affected web pages. The vulnerability has been addressed; the template engine now defaults to having autoescape set to `true`, effectively mitigating the risk of XSS attacks.... • https://github.com/gofiber/template/commit/28cff3ac4d4c117ab25b5396954676d624b6cb46 • CWE-20: Improper Input Validation; CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'); CWE-116: Improper Encoding or Escaping of Output •

CVSS: 4.9 • EPSS: 0% • CPEs: 4 • EXPL: 0

03 Jun 2021 — Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template ... • https://docs.djangoproject.com/en/3.2/releases/security • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8 • EPSS: 38% • CPEs: 7 • EXPL: 5

18 Dec 2019 — Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) • https://packetstorm.news/files/id/155872 • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •

CVSS: 5.3 • EPSS: 0% • CPEs: 11 • EXPL: 0

06 Mar 2018 — An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. • http://www.securityfocus.com/bid/103361 • CWE-185: Incorrect Regular Expression CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.3 • EPSS: 0% • CPEs: 9 • EXPL: 0

06 Mar 2018 — An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. • http://www.securityfocus.com/bid/103357 • CWE-185: Incorrect Regular Expression CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.1 • EPSS: 0% • CPEs: 13 • EXPL: 0

07 Sep 2017 — In Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most production sites since you shouldn't run with "DEBUG = True" (which makes this page accessible) in your production settings. • http://www.securityfocus.com/bid/100643 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1 • EPSS: 0% • CPEs: 49 • EXPL: 0

04 Apr 2017 — A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability. • http://www.debian.org/security/2017/dsa-3835 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 6.1 • EPSS: 0% • CPEs: 49 • EXPL: 0

04 Apr 2017 — Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack. • http://www.debian.org/security/2017/dsa-3835 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 8.1 • EPSS: 1% • CPEs: 36 • EXPL: 0

01 Nov 2016 — Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS. • http://www.debian.org/security/2017/dsa-3835 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8 • EPSS: 1% • CPEs: 36 • EXPL: 0

01 Nov 2016 — Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary. • http://www.debian.org/security/2017/dsa-3835 • CWE-798: Use of Hard-coded Credentials •