Lucene search
RedhatCVELIST:CVE-2020-25626HistorySep 30, 2020 - 7:24 p.m.
CVE-2020-25626
2020-09-3019:24:45
CWE-20
redhat
www.cve.org
1
0.004 Low
EPSS
Percentile
72.4%
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious <script> tags, leading to a cross-site-scripting (XSS) vulnerability.
CNA Affected
[
{
"product": "Django REST Framework",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All django-rest-framework versions before 3.12.0 and before 3.11.2"
}
]
}
]Related
osv
osv
CVE-2020-25626
2020-09-30 20:15:15
PYSEC-2020-263
2020-09-30 20:15:00
Cross-site Scripting (XSS) in Django REST Framework
2021-03-19 21:32:47
suse
suse
Security update for python-djangorestframework (important)
2021-02-25 00:00:00
Security update for python-djangorestframework (important)
2021-02-22 00:00:00
cve
cve
CVE-2020-25626
2020-09-30 20:15:15
redhatcve
redhatcve
CVE-2020-25626
2020-09-30 16:16:59
nessus
nessus
openSUSE Security Update : python-djangorestframework (openSUSE-2021-322)
2021-02-25 00:00:00
Debian DSA-5186-1 : djangorestframework - security update
2022-07-22 00:00:00
ubuntucve
ubuntucve
CVE-2020-25626
2020-09-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for python-djangorestframework (openSUSE-SU-2021:0322-1)
2021-04-16 00:00:00
Debian: Security Advisory (DSA-5186-1)
2022-07-23 00:00:00
prion
prion
Cross site scripting
2020-09-30 20:15:00
debian
debian
[SECURITY] [DSA 5186-1] djangorestframework security update
2022-07-22 12:10:07
[SECURITY] [DSA 5186-1] djangorestframework security update
2022-07-22 13:01:21
nvd
nvd
CVE-2020-25626
2020-09-30 20:15:15
veracode
veracode
Cross-site Scripting (XSS)
2020-10-01 00:35:06
debiancve
debiancve
CVE-2020-25626
2020-09-30 20:15:15
github
github
Cross-site Scripting (XSS) in Django REST Framework
2021-03-19 21:32:47
redhat
redhat