Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wfas-jszp-k7dz
SummaryCross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x before 1.5.2 and 1.6.x before 1.6 beta 2 allows remote attackers to inject arbitrary web script or HTML via a URLField.
Aliases
0
alias CVE-2013-4249
1
alias PYSEC-2013-19
Fixed_packages
0
url pkg:pypi/django@1.5.2
purl pkg:pypi/django@1.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3kza-a88p-kfg7
1
vulnerability VCID-3sg7-t77d-rkc6
2
vulnerability VCID-5vmb-d4xp-zfgy
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-71t1-69yq-c7h6
5
vulnerability VCID-7rz2-nqdn-hycc
6
vulnerability VCID-8gus-er59-1qak
7
vulnerability VCID-8v2c-7739-2ugp
8
vulnerability VCID-912q-3eks-4yfm
9
vulnerability VCID-9bqp-b6rw-mye7
10
vulnerability VCID-9mpt-zxaw-kkeg
11
vulnerability VCID-bahz-gfxv-e3b2
12
vulnerability VCID-dh12-js4b-h7fw
13
vulnerability VCID-ffsr-th58-p3ct
14
vulnerability VCID-g2z3-2h8p-c7ge
15
vulnerability VCID-jfya-694v-myar
16
vulnerability VCID-ksh8-pazn-dbca
17
vulnerability VCID-mccp-khb9-qkb7
18
vulnerability VCID-ps24-pjj4-uqd1
19
vulnerability VCID-r7tk-79xy-jkhj
20
vulnerability VCID-rq19-9v21-47dy
21
vulnerability VCID-rxxr-sseq-k7a9
22
vulnerability VCID-ta66-7qrm-sbhu
23
vulnerability VCID-u4a7-uvcb-9kf8
24
vulnerability VCID-u6sd-648r-qbdb
25
vulnerability VCID-vdpf-jddk-syda
26
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.2
Affected_packages
0
url pkg:pypi/django@1.5
purl pkg:pypi/django@1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3kza-a88p-kfg7
1
vulnerability VCID-3sg7-t77d-rkc6
2
vulnerability VCID-5vmb-d4xp-zfgy
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-71t1-69yq-c7h6
5
vulnerability VCID-7rz2-nqdn-hycc
6
vulnerability VCID-8gus-er59-1qak
7
vulnerability VCID-8v2c-7739-2ugp
8
vulnerability VCID-912q-3eks-4yfm
9
vulnerability VCID-9bqp-b6rw-mye7
10
vulnerability VCID-9mpt-zxaw-kkeg
11
vulnerability VCID-bahz-gfxv-e3b2
12
vulnerability VCID-dh12-js4b-h7fw
13
vulnerability VCID-ffsr-th58-p3ct
14
vulnerability VCID-g2z3-2h8p-c7ge
15
vulnerability VCID-jfya-694v-myar
16
vulnerability VCID-ksh8-pazn-dbca
17
vulnerability VCID-mccp-khb9-qkb7
18
vulnerability VCID-ps24-pjj4-uqd1
19
vulnerability VCID-r78b-88d6-m3f2
20
vulnerability VCID-r7tk-79xy-jkhj
21
vulnerability VCID-rq19-9v21-47dy
22
vulnerability VCID-rtjn-qccc-8kc7
23
vulnerability VCID-rxxr-sseq-k7a9
24
vulnerability VCID-ta66-7qrm-sbhu
25
vulnerability VCID-u4a7-uvcb-9kf8
26
vulnerability VCID-u6sd-648r-qbdb
27
vulnerability VCID-vdpf-jddk-syda
28
vulnerability VCID-weqb-fxu4-17e7
29
vulnerability VCID-wfas-jszp-k7dz
30
vulnerability VCID-x212-mskt-9bbw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5
1
url pkg:pypi/django@1.5.1
purl pkg:pypi/django@1.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3kza-a88p-kfg7
1
vulnerability VCID-3sg7-t77d-rkc6
2
vulnerability VCID-5vmb-d4xp-zfgy
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-71t1-69yq-c7h6
5
vulnerability VCID-7rz2-nqdn-hycc
6
vulnerability VCID-8gus-er59-1qak
7
vulnerability VCID-8v2c-7739-2ugp
8
vulnerability VCID-912q-3eks-4yfm
9
vulnerability VCID-9bqp-b6rw-mye7
10
vulnerability VCID-9mpt-zxaw-kkeg
11
vulnerability VCID-bahz-gfxv-e3b2
12
vulnerability VCID-dh12-js4b-h7fw
13
vulnerability VCID-ffsr-th58-p3ct
14
vulnerability VCID-g2z3-2h8p-c7ge
15
vulnerability VCID-jfya-694v-myar
16
vulnerability VCID-ksh8-pazn-dbca
17
vulnerability VCID-mccp-khb9-qkb7
18
vulnerability VCID-ps24-pjj4-uqd1
19
vulnerability VCID-r7tk-79xy-jkhj
20
vulnerability VCID-rq19-9v21-47dy
21
vulnerability VCID-rxxr-sseq-k7a9
22
vulnerability VCID-ta66-7qrm-sbhu
23
vulnerability VCID-u4a7-uvcb-9kf8
24
vulnerability VCID-u6sd-648r-qbdb
25
vulnerability VCID-vdpf-jddk-syda
26
vulnerability VCID-weqb-fxu4-17e7
27
vulnerability VCID-wfas-jszp-k7dz
28
vulnerability VCID-x212-mskt-9bbw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.1
References
0
reference_url http://seclists.org/oss-sec/2013/q3/369
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q3/369
1
reference_url http://seclists.org/oss-sec/2013/q3/411
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q3/411
2
reference_url http://secunia.com/advisories/54476
reference_id
reference_type
scores
url http://secunia.com/advisories/54476
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/86438
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/86438
4
reference_url https://github.com/django/django/commit/90363e388c61874add3f3557ee654a996ec75d78
reference_id
reference_type
scores
url https://github.com/django/django/commit/90363e388c61874add3f3557ee654a996ec75d78
5
reference_url https://github.com/django/django/commit/cbe6d5568f4f5053ed7228ca3c3d0cce77cf9560
reference_id
reference_type
scores
url https://github.com/django/django/commit/cbe6d5568f4f5053ed7228ca3c3d0cce77cf9560
6
reference_url https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued
7
reference_url http://www.securitytracker.com/id/1028915
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1028915
Weaknesses
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wfas-jszp-k7dz