vulnerability

Oracle Solaris 11: CVE-2020-13596 (11.4 SRU 21.69.0, 11.4 SRU 27.82.1)

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jun 3, 2020
Added
Jan 19, 2021
Modified
Feb 17, 2022

Description

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.

Solution(s)

oracle-solaris-11-4-upgrade-legacy-library-python-django-27-1-11-29-11-4-27-0-1-82-0oracle-solaris-11-4-upgrade-legacy-library-python-django-34-1-11-29-11-4-27-0-1-82-0oracle-solaris-11-4-upgrade-legacy-library-python-django-35-1-11-29-11-4-27-0-1-82-0oracle-solaris-11-4-upgrade-library-python-django-2-2-16-11-4-27-0-1-82-0oracle-solaris-11-4-upgrade-library-python-django-27-1-11-29-11-4-27-0-1-82-0oracle-solaris-11-4-upgrade-library-python-django-34-1-11-29-11-4-27-0-1-82-0oracle-solaris-11-4-upgrade-library-python-django-35-1-11-29-11-4-21-0-1-69-0oracle-solaris-11-4-upgrade-library-python-django-37-2-2-16-11-4-27-0-1-82-0
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.