Download
| Alert*
oval:org.secpod.oval:def:1800838
Unsafe usage of JavaScript"s Element.innerHTML could result in XSS in the admin"s add/change related popup. Element.textContent is now used to prevent execution of the data. The debug view also used innerHTML. Although a security issue wasn"t identified there, out of an abundance of caution it"s als ... oval:org.secpod.oval:def:1800065 Unsafe usage of JavaScript"s Element.innerHTML could result in XSS in the admin"s add/change related popup. Element.textContent is now used to prevent execution of the data. The debug view also used innerHTML. Although a security issue wasn"t identified there, out of an abundance of caution it"s als ... oval:org.secpod.oval:def:703211 python-django: High-level Python web development framework A security issue was fixed in Django. oval:org.secpod.oval:def:51604 python-django: High-level Python web development framework A security issue was fixed in Django. oval:org.secpod.oval:def:602560 It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin"s add/change related popup. |