Description
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Testimonials Cross-Site Request Forgery (3.6.1)
Ruby Improper Input Validation Vulnerability (CVE-2018-8779)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (4.7)
PHP Improper Input Validation Vulnerability (CVE-2013-4636)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1692)