Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-4249

Published: 04/10/2013 Updated: 29/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Djangoproject

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x prior to 1.5.2 and 1.6.x prior to 1.6 beta 2 allows remote malicious users to inject arbitrary web script or HTML via a URLField.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

djangoproject django 1.5

djangoproject django 1.6

djangoproject django 1.5.1

References

CWE-79https://github.com/django/django/commit/90363e388c61874add3f3557ee654a996ec75d78http://www.securitytracker.com/id/1028915http://seclists.org/oss-sec/2013/q3/369https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issuedhttp://seclists.org/oss-sec/2013/q3/411https://github.com/django/django/commit/cbe6d5568f4f5053ed7228ca3c3d0cce77cf9560http://secunia.com/advisories/54476https://exchange.xforce.ibmcloud.com/vulnerabilities/86438https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook