FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3886cafe-668c-11e2-94b8-1c4bd681f0cfdjango-cms -- XSS Vulnerability

Cross-site scripting (XSS) vulnerability

Jonas Obrist reports: The security issue allows users with limited admin access to elevate their privileges through XSS injection using the page_attribute template tag. Only users with admin access and the permission to edit at least one django CMS page object could exploit this vulnerability. Websites that do not use the page_attribute template tag are not affected.


Discovery 2012-12-04
Entry 2013-01-25
py-django-cms
< 2.3.5

https://www.django-cms.org/en/blog/2012/12/04/2-3-5-security-release/