Download
| Alert*
|
oval:org.secpod.oval:def:116741
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. oval:org.secpod.oval:def:1801490 An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided ... oval:org.secpod.oval:def:1801487 An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided ... oval:org.secpod.oval:def:1801488 An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided ... oval:org.secpod.oval:def:1801489 An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided ... oval:org.secpod.oval:def:1902043 AdminURLFieldWidget XSS oval:org.secpod.oval:def:705048 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:2105216 An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided ... oval:org.secpod.oval:def:57440 Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitisation of clickable links or missing redirects of HTTP requests to HTTPS. oval:org.secpod.oval:def:57457 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:604450 Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitisation of clickable links or missing redirects of HTTP requests to HTTPS. |
