There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field.
django-epiceditor project django-epiceditor 0.2.3