Red Hat Security Advisory 2016-1596-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A cross-site scripting flaw was found in Django. An attacker could exploit the unsafe usage of JavaScript's Element.innerHTML to forge content in the admin's add/change related popup. Element.textContent is now used to prevent XSS data execution.
01dc421a3024cf93d2a181c2d77c7cbf33b5392e1fa201d53227350f09ca3849
Red Hat Security Advisory 2016-1595-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A cross-site scripting flaw was found in Django. An attacker could exploit the unsafe usage of JavaScript's Element.innerHTML to forge content in the admin's add/change related popup. Element.textContent is now used to prevent XSS data execution.
6577b69c7abe4cd79ad8dd56fd8ee2632139dbe9c7f3ac0e400e0e80901f5b24
Red Hat Security Advisory 2016-1594-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A cross-site scripting flaw was found in Django. An attacker could exploit the unsafe usage of JavaScript's Element.innerHTML to forge content in the admin's add/change related popup. Element.textContent is now used to prevent XSS data execution.
1c6f2dd8a8996a7cc16a614e6641a705da125c0969212573506d95695f96285f
Ubuntu Security Notice 3039-1 - It was discovered that Django incorrectly handled the admin's add/change related popup. A remote attacker could possibly use this issue to perform a cross-site scripting attack.
d312deca62b6bc115c201ca36286e9a7ca576fd38cca9f1acd440341e420a96a
Debian Linux Security Advisory 3622-1 - It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin's add/change related popup.
9c58635ddf4b881bad27de51794b4f2b9546323a9f77575aa1be164dd5d0741b
Django version 3.3.0 suffers from a malicious client-side script insertion vulnerability.
1f58284db9e8efd2a244e0272399d1285a2bfa2dba0aa1453cc6653a18df215e