Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
airavata-django-portal allows CRLF log injection because of the lack of escaping in the log statements
Vulnerability Description
Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. In particular, some HTTP request parameters are logged without first being escaped. Versions affected: master branch before commit 3c5d8c7 [1] of airavata-django-portal [1] https://github.com/apache/airavata-django-portal/commit/3c5d8c72bfc3eb0af8693a655a5d60f9273f8170
CVSS Information
N/A
Vulnerability Type
日志输出的转义处理不恰当
Vulnerability Title
Apache Airavata Django Portal 安全漏洞
Vulnerability Description
Apache Airavata Django Portal是美国阿帕奇(Apache)基金会的一个Web界面的阿帕奇Airavata使用API来实现Django的web框架。 Apache Airavata Django Portal 存在安全漏洞,该漏洞源于一些HTTP请求参数在没有被转义的情况下被保存下来。
CVSS Information
N/A
Vulnerability Type
N/A