CVE-2024-21520 | djangorestframework up to 3.15.1 Template Filter break_long_headers cross site scripting (SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137)

Inserito da Angelo Barbosa | Giu 26, 2024 | CVE

A vulnerability classified as problematic was found in djangorestframework up to 3.15.1. Affected by this vulnerability is the function break_long_headers of the component Template Filter Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-21520. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21520 | djangorestframework up to 3.15.1 Template Filter break_long_headers cross site scripting (SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137)

Post correlati

CVE-2023-22522 | Atlassian Confluence Data Center/Confluence Server prior 7.19.17/8.4.5/8.5.4/8.6.2/8.7.1 Template injection

CVE-2024-46778 | Linux Kernel up to 6.10.9 AMD Display CalculateSwathAndDETConfiguration_params_st Privilege Escalation (4e2b49a85e79/a7b38c785209)

CVE-2023-29495 | Intel NUC BIOS prior IN0048 input validation (intel-sa-01009)

CVE-2024-25951 | Dell Integrated Remote Access Controller 8 prior 2.85.85.85 improper validation of consistency within input (dsa-2024-089)