Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets prior to 0.7.30 and 0.8.x prior to 0.8.3 for Django allows remote malicious users to inject arbitrary web script or HTML via a user display name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
reviewboard djblets |
||
reviewboard djblets 0.7.28 |
||
reviewboard djblets 0.7.27 |
||
reviewboard djblets 0.8.2 |
||
reviewboard djblets 0.8.1 |