WS-2019-0037 - Medium Severity Vulnerability
Vulnerable Library - djangorestframework-3.8.2-py2.py3-none-any.whl
Web APIs for Django, made easy.
Library home page: https://files.pythonhosted.org/packages/90/30/ad1148098ff0c375df2a30cc4494ed953cf7551fc1ecec30fc951c712d20/djangorestframework-3.8.2-py2.py3-none-any.whl
Path to dependency file: doccano/requirements.txt
Path to vulnerable library: doccano/requirements.txt
Dependency Hierarchy:
- ❌ djangorestframework-3.8.2-py2.py3-none-any.whl (Vulnerable Library)
Vulnerability Details
Django-Rest-Framework before 3.9.1 has an XSS vulnerability caused by disabled autoescaping in the default DRF Browsable API view templates.
Publish Date: 2018-12-14
URL: WS-2019-0037
CVSS 2 Score Details (5.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: encode/django-rest-framework#6330
Release Date: 2019-04-05
Fix Resolution: 3.9.1