FreeBSD: VID-df328fac-f942-11e5-92ce-002590263bf5: py-djblets -- Self-XSS vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Apr 3, 2016 | Apr 4, 2016 | Dec 10, 2025 |
Description
Djblets Release Notes reports: A recently-discovered vulnerability in the datagrid templates allows an attacker to generate a URL to any datagrid page containing malicious code in a column sorting value. If the user visits that URL and then clicks that column, the code will execute. The cause of the vulnerability was due to a template not escaping user-provided values.
Solutions
- freebsd-upgrade-package-py27-djblets
- freebsd-upgrade-package-py32-djblets
- freebsd-upgrade-package-py33-djblets
- freebsd-upgrade-package-py34-djblets
- freebsd-upgrade-package-py35-djblets