Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-13596

Disclosure Date: June 03, 2020 (last updated November 08, 2023)
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0