vulnerability
FreeBSD: VID-597d02ce-a66c-11ea-af32-080027846a02 (CVE-2020-13596): Django -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jun 4, 2020 | Jun 5, 2020 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jun 4, 2020
Added
Jun 5, 2020
Modified
Dec 10, 2025
Description
Django security release reports: CVE-2020-13254: Potential data leakage via malformed memcached keys In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. In order to avoid this vulnerability, key validation is added to the memcached cache backends. CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget Query parameters for the admin ForeignKeyRawIdWidget were not properly URL encoded, posing an XSS attack vector. ForeignKeyRawIdWidget now ensures query parameters are correctly URL encoded.
Solutions
freebsd-upgrade-package-py36-django22freebsd-upgrade-package-py37-django22freebsd-upgrade-package-py38-django22freebsd-upgrade-package-py36-django30freebsd-upgrade-package-py37-django30freebsd-upgrade-package-py38-django30
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.