Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-5v8n-rma9-rqd4
Summary
XSS in admin interface
The Django administrative application, django.contrib.admin, consider value of a URLField to be safe. Thus, when displaying it, Django does not escape it allowing an attacker to perform XSS in the administrative interface.
Aliases
0
alias GMS-2013-17
Fixed_packages
0
url pkg:pypi/django@1.5.2
purl pkg:pypi/django@1.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dhb-9yue-33h7
1
vulnerability VCID-2m9f-3cgw-ekdr
2
vulnerability VCID-325d-7dfk-sqd2
3
vulnerability VCID-42cm-j2av-87ea
4
vulnerability VCID-5g4y-1qmy-27bd
5
vulnerability VCID-6gss-ppm5-3yc9
6
vulnerability VCID-84mm-45p6-xkau
7
vulnerability VCID-896g-hqec-ryb9
8
vulnerability VCID-8jaq-53td-wbeg
9
vulnerability VCID-8teq-9xr9-q3fg
10
vulnerability VCID-9uzd-mmyv-mfh4
11
vulnerability VCID-a715-2qks-wyhn
12
vulnerability VCID-bgjt-c6sa-pfaj
13
vulnerability VCID-bgmv-mf3x-bkew
14
vulnerability VCID-br5x-v7md-47hp
15
vulnerability VCID-c1n5-4ars-u7ff
16
vulnerability VCID-e2jd-yd4j-kqgt
17
vulnerability VCID-eker-m822-cuax
18
vulnerability VCID-jc9f-vgy8-ruan
19
vulnerability VCID-jumh-hkhx-7qc9
20
vulnerability VCID-k6s1-gnmc-e3ed
21
vulnerability VCID-q64b-r7td-2yab
22
vulnerability VCID-qjqs-zfd5-ckbt
23
vulnerability VCID-qm34-ec8s-tfd7
24
vulnerability VCID-qzba-9xmg-3qer
25
vulnerability VCID-sbr6-pybe-dubq
26
vulnerability VCID-spwd-dz6f-5fh9
27
vulnerability VCID-t8ec-st1v-s3e5
28
vulnerability VCID-ukxp-wqpr-t3by
29
vulnerability VCID-w2dv-u8h6-sbgs
30
vulnerability VCID-w4pr-k5nj-ckgy
31
vulnerability VCID-x4ev-6zjm-sbe4
32
vulnerability VCID-x516-xwze-6ba3
33
vulnerability VCID-x6np-rvrt-nyb2
34
vulnerability VCID-yemh-qd63-wuca
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.2
Affected_packages
0
url pkg:pypi/django@1.5
purl pkg:pypi/django@1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dhb-9yue-33h7
1
vulnerability VCID-2m9f-3cgw-ekdr
2
vulnerability VCID-325d-7dfk-sqd2
3
vulnerability VCID-42cm-j2av-87ea
4
vulnerability VCID-5g4y-1qmy-27bd
5
vulnerability VCID-5v8n-rma9-rqd4
6
vulnerability VCID-6gss-ppm5-3yc9
7
vulnerability VCID-84mm-45p6-xkau
8
vulnerability VCID-896g-hqec-ryb9
9
vulnerability VCID-8jaq-53td-wbeg
10
vulnerability VCID-8teq-9xr9-q3fg
11
vulnerability VCID-9uzd-mmyv-mfh4
12
vulnerability VCID-a715-2qks-wyhn
13
vulnerability VCID-bgjt-c6sa-pfaj
14
vulnerability VCID-bgmv-mf3x-bkew
15
vulnerability VCID-br5x-v7md-47hp
16
vulnerability VCID-c1n5-4ars-u7ff
17
vulnerability VCID-e2jd-yd4j-kqgt
18
vulnerability VCID-eker-m822-cuax
19
vulnerability VCID-fk27-94p2-8kft
20
vulnerability VCID-gwme-keqv-kkgr
21
vulnerability VCID-hk24-1yzs-ybhu
22
vulnerability VCID-jc9f-vgy8-ruan
23
vulnerability VCID-jumh-hkhx-7qc9
24
vulnerability VCID-k6s1-gnmc-e3ed
25
vulnerability VCID-q64b-r7td-2yab
26
vulnerability VCID-qjqs-zfd5-ckbt
27
vulnerability VCID-qm34-ec8s-tfd7
28
vulnerability VCID-qzba-9xmg-3qer
29
vulnerability VCID-sbr6-pybe-dubq
30
vulnerability VCID-spwd-dz6f-5fh9
31
vulnerability VCID-t8ec-st1v-s3e5
32
vulnerability VCID-ukxp-wqpr-t3by
33
vulnerability VCID-w2dv-u8h6-sbgs
34
vulnerability VCID-w4pr-k5nj-ckgy
35
vulnerability VCID-x4ev-6zjm-sbe4
36
vulnerability VCID-x516-xwze-6ba3
37
vulnerability VCID-x6np-rvrt-nyb2
38
vulnerability VCID-yemh-qd63-wuca
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5
1
url pkg:pypi/django@1.5.1
purl pkg:pypi/django@1.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dhb-9yue-33h7
1
vulnerability VCID-2m9f-3cgw-ekdr
2
vulnerability VCID-325d-7dfk-sqd2
3
vulnerability VCID-42cm-j2av-87ea
4
vulnerability VCID-5g4y-1qmy-27bd
5
vulnerability VCID-5v8n-rma9-rqd4
6
vulnerability VCID-6gss-ppm5-3yc9
7
vulnerability VCID-84mm-45p6-xkau
8
vulnerability VCID-896g-hqec-ryb9
9
vulnerability VCID-8jaq-53td-wbeg
10
vulnerability VCID-8teq-9xr9-q3fg
11
vulnerability VCID-9uzd-mmyv-mfh4
12
vulnerability VCID-a715-2qks-wyhn
13
vulnerability VCID-bgjt-c6sa-pfaj
14
vulnerability VCID-bgmv-mf3x-bkew
15
vulnerability VCID-br5x-v7md-47hp
16
vulnerability VCID-c1n5-4ars-u7ff
17
vulnerability VCID-e2jd-yd4j-kqgt
18
vulnerability VCID-eker-m822-cuax
19
vulnerability VCID-fk27-94p2-8kft
20
vulnerability VCID-gwme-keqv-kkgr
21
vulnerability VCID-hk24-1yzs-ybhu
22
vulnerability VCID-jc9f-vgy8-ruan
23
vulnerability VCID-jumh-hkhx-7qc9
24
vulnerability VCID-k6s1-gnmc-e3ed
25
vulnerability VCID-q64b-r7td-2yab
26
vulnerability VCID-qjqs-zfd5-ckbt
27
vulnerability VCID-qm34-ec8s-tfd7
28
vulnerability VCID-qzba-9xmg-3qer
29
vulnerability VCID-sbr6-pybe-dubq
30
vulnerability VCID-spwd-dz6f-5fh9
31
vulnerability VCID-t8ec-st1v-s3e5
32
vulnerability VCID-ukxp-wqpr-t3by
33
vulnerability VCID-w2dv-u8h6-sbgs
34
vulnerability VCID-w4pr-k5nj-ckgy
35
vulnerability VCID-x4ev-6zjm-sbe4
36
vulnerability VCID-x516-xwze-6ba3
37
vulnerability VCID-x6np-rvrt-nyb2
38
vulnerability VCID-yemh-qd63-wuca
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.1
References
0
reference_url https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitability0.5
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-5v8n-rma9-rqd4