CVE-2011-0697

Published: Feb 14, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

43297

third-party-advisory

x_refsource_SECUNIA

43382

third-party-advisory

x_refsource_SECUNIA

ADV-2011-0439

vdb-entry

x_refsource_VUPEN

ADV-2011-0429

vdb-entry

x_refsource_VUPEN

[oss-security] 20110209 Django multiple flaws (CVEs inside)

mailing-list

x_refsource_MLIST

43230

third-party-advisory

x_refsource_SECUNIA

43426

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=676359

x_refsource_CONFIRM

ADV-2011-0372

vdb-entry

x_refsource_VUPEN

FEDORA-2011-1261

vendor-advisory

x_refsource_FEDORA

ADV-2011-0441

vdb-entry

x_refsource_VUPEN

USN-1066-1

vendor-advisory

x_refsource_UBUNTU

46296

vdb-entry

x_refsource_BID

MDVSA-2011:031

vendor-advisory

x_refsource_MANDRIVA

DSA-2163

vendor-advisory

x_refsource_DEBIAN

http://www.djangoproject.com/weblog/2011/feb/08/security/

x_refsource_CONFIRM

ADV-2011-0388

vdb-entry

x_refsource_VUPEN

FEDORA-2011-1235

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2011-0697

Description

Affected Products

References