CVE-2024-21520 | djangorestframework up to 3.15.1 Template Filter break_long_headers cross site scripting (SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137)

Inserito da Angelo Barbosa | Giu 26, 2024 | CVE

A vulnerability classified as problematic was found in djangorestframework up to 3.15.1. Affected by this vulnerability is the function break_long_headers of the component Template Filter Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-21520. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21520 | djangorestframework up to 3.15.1 Template Filter break_long_headers cross site scripting (SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137)

Post correlati

CVE-2024-45400 | mlewand ckeditor-plugin-openlink up to 1.0.6 cross site scripting (GHSA-qj47-6x6q-m3c9)

CVE-2023-46713 | Fortinet FortiWeb up to 6.2.8/6.3.23/7.0.10/7.2.5/7.4.0 URL neutralization for logs (FG-IR-23-256)

CVE-2024-34740 | Google Android 12/12L/13/14 BinaryXmlSerializer.java attributeBytesBase64/attributeBytesHex integer overflow

CVE-2024-22096 | Rapid SCADA up to 5.8.4 Arbitrary File path traversal (icsa-24-011-03)