Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
File Upload Bypass in django Filer
Vulnerability Description
Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS.This issue affects django Filer: from 3 before 3.3.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Django Filer 安全漏洞
Vulnerability Description
Django Filer是Django CMS Association开源的一个 Django 的文件管理应用程序。 Django Filer 3版本至3.3之前版本存在安全漏洞,该漏洞源于允许危险类型文件无限制上传、输入验证不当、对网页中脚本相关 HTML 标签中和不当。
CVSS Information
N/A
Vulnerability Type
N/A