CVE-2020-25626

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browsable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious <script> tags, leading to a cross-site scripting (XSS) vulnerability.

Source: CVE-2020-25626
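
A defender's check for the condition described above, as an added example that is not part of the original advisory or of Django REST Framework itself: it reads an exact `==` pin from a requirements file and the project's `REST_FRAMEWORK` settings dict, and reports whether an affected version is in use with the browsable API renderer enabled. The function names, the sample pins, and the reading of the two fixed versions (3.11.2 as the first fixed release, with 3.12.0 and later also fixed) are assumptions.

```python
import re

# Assumption: "before 3.12.0 and before 3.11.2" is read as: 3.11.2 is the first
# fixed 3.11.x release, and every later release (3.12.0 onward) is also fixed.
FIRST_FIXED = (3, 11, 2)
BROWSABLE = "rest_framework.renderers.BrowsableAPIRenderer"
# DRF's built-in default when DEFAULT_RENDERER_CLASSES is not set.
DRF_DEFAULT_RENDERERS = ["rest_framework.renderers.JSONRenderer", BROWSABLE]
PIN = re.compile(r"^\s*djangorestframework\s*==\s*(\d+(?:\.\d+)*)", re.IGNORECASE)


def parse_version(text):
    """Turn '3.11' into (3, 11, 0) so tuples compare numerically."""
    parts = [int(p) for p in text.split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))


def pinned_version(requirements_lines):
    """Return the exact '==' pin for djangorestframework, or None."""
    for line in requirements_lines:
        match = PIN.match(line.split("#", 1)[0])  # ignore trailing comments
        if match:
            return match.group(1)
    return None


def browsable_api_enabled(rest_framework_settings):
    """True if the project-wide renderer list includes the browsable API."""
    renderers = rest_framework_settings.get(
        "DEFAULT_RENDERER_CLASSES", DRF_DEFAULT_RENDERERS)
    return BROWSABLE in renderers


def assess(requirements_lines, rest_framework_settings):
    """Return 'patched', 'vulnerable-exposed', 'vulnerable-renderer-off' or 'unknown'."""
    version = pinned_version(requirements_lines)
    if version is None:
        return "unknown"  # no exact pin found; resolve the installed version another way
    if parse_version(version) >= FIRST_FIXED:
        return "patched"
    if browsable_api_enabled(rest_framework_settings):
        return "vulnerable-exposed"
    return "vulnerable-renderer-off"


# Constructed sample input, not taken from any real project.
SAMPLE_REQUIREMENTS = ["Django==3.1.1", "djangorestframework==3.11.1  # constructed pin"]
print(assess(SAMPLE_REQUIREMENTS, {}))
```

Views that set `renderer_classes` themselves override the project default, so a `vulnerable-renderer-off` result still calls for an upgrade.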
