Lucene search
GoogleOSV:GHSA-FX83-3PH3-9J2QHistoryMar 19, 2021 - 9:32 p.m.
Cross-site Scripting (XSS) in Django REST Framework
2021-03-1921:32:47
Google
osv.dev
115
0.004 Low
EPSS
Percentile
72.4%
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious <script> tags, leading to a cross-site-scripting (XSS) vulnerability.
Related
osv
osv
CVE-2020-25626
2020-09-30 20:15:15
PYSEC-2020-263
2020-09-30 20:15:00
djangorestframework - security update
2022-07-22 00:00:00
suse
suse
Security update for python-djangorestframework (important)
2021-02-25 00:00:00
Security update for python-djangorestframework (important)
2021-02-22 00:00:00
redhatcve
redhatcve
CVE-2020-25626
2020-09-30 16:16:59
cve
cve
CVE-2020-25626
2020-09-30 20:15:15
nessus
nessus
openSUSE Security Update : python-djangorestframework (openSUSE-2021-322)
2021-02-25 00:00:00
Debian DSA-5186-1 : djangorestframework - security update
2022-07-22 00:00:00
ubuntucve
ubuntucve
CVE-2020-25626
2020-09-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for python-djangorestframework (openSUSE-SU-2021:0322-1)
2021-04-16 00:00:00
Debian: Security Advisory (DSA-5186-1)
2022-07-23 00:00:00
prion
prion
Cross site scripting
2020-09-30 20:15:00
debian
debian
[SECURITY] [DSA 5186-1] djangorestframework security update
2022-07-22 12:10:07
[SECURITY] [DSA 5186-1] djangorestframework security update
2022-07-22 13:01:21
nvd
nvd
CVE-2020-25626
2020-09-30 20:15:15
cvelist
cvelist
CVE-2020-25626
2020-09-30 19:24:45
veracode
veracode
Cross-site Scripting (XSS)
2020-10-01 00:35:06
debiancve
debiancve
CVE-2020-25626
2020-09-30 20:15:15
github
github
Cross-site Scripting (XSS) in Django REST Framework
2021-03-19 21:32:47
redhat
redhat