PT-2021-24383 · Unknown · Django Rest Framework
Published: 2021-02-24 · Updated: 2021-02-24
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
Django-Rest-Framework versions prior to 3.9.1
Description:
The issue is caused by disabled autoescaping in the default DRF Browsable API view templates, leading to a cross-site scripting (XSS) vulnerability.
Recommendations:
For versions prior to 3.9.1, update to version 3.9.1 or later to resolve the issue.
Affected Products
Django Rest Framework