Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. The vulnerability allows an attacker to execute arbitrary JavaScript code in the web browser of the affected user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Django 跨站脚本漏洞
Vulnerability Description
Django是Django基金会的一套基于Python语言的开源Web应用框架。该框架包括面向对象的映射器、视图系统、模板系统等。 Django CMS 3.7.3 存在安全漏洞,该漏洞源于在为无效插件类型生成错误消息时不验证 plugin_type 参数。该漏洞允许攻击者在受影响用户的 Web 浏览器中执行任意 JavaScript 代码。
CVSS Information
N/A
Vulnerability Type
N/A