Vulnerabilities
Vulnerable Software
Django-Cms:  >> Django Cms  Security Vulnerabilities
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django-cms allows Cross-Site Scripting (XSS).This issue affects django-cms: 3.11.7, 3.11.8, 4.1.2, 4.1.3.
CVSS Score
3.8
EPSS Score
0.001
Published
2024-11-18
Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. The vulnerability allows an attacker to execute arbitrary JavaScript code in the web browser of the affected user.
CVSS Score
5.4
EPSS Score
0.005
Published
2022-01-12
Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-08-18


Contact Us

Shodan ® - All rights reserved