vulnerability
FreeBSD: VID-8d85d600-84a9-11ea-97b9-08002728f74c (CVE-2020-11001): Wagtail -- XSS vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Apr 22, 2020 | Apr 23, 2020 | Dec 10, 2025 |
Severity
3
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Apr 22, 2020
Added
Apr 23, 2020
Modified
Dec 10, 2025
Description
Wagtail release notes: CVE-2020-11001: Possible XSS attack via page revision comparison view This release addresses a cross-site scripting (XSS) vulnerability on the page revision comparison view within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft a page revision history that, when viewed by a user with higher privileges, could perform actions with that user credentials. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin.
Solutions
freebsd-upgrade-package-py35-wagtailfreebsd-upgrade-package-py36-wagtailfreebsd-upgrade-package-py37-wagtailfreebsd-upgrade-package-py38-wagtail
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.