Description
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.
Remediation
References
Related Vulnerabilities
OpenSSL Cryptographic Issues Vulnerability (CVE-2015-0204)
WordPress Plugin Image Metadata Cruncher Multiple Vulnerabilities (1.8)
WordPress Plugin Exquisite PayPal Donation Cross-Site Scripting (2.0.0)
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2018-16476)
Rukovoditel Cross-site Scripting (XSS) Vulnerability (CVE-2019-7541)