CVE-2024-11319

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-11319
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-11319.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-11319
Aliases
Published
2024-11-18T12:15:17.853Z
Modified
2026-04-10T05:08:16.242015Z
Severity
  • 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django-cms allows Cross-Site Scripting (XSS).This issue affects django-cms: 3.11.7, 3.11.8, 4.1.2, 4.1.3.

References

Affected packages

Git / github.com/django-cms/django-cms

Affected ranges

Type
GIT
Repo
https://github.com/django-cms/django-cms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
eb42af9c0eade45144c997dab6e11c3adf1f261c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4beca173479abe65e4022bbcb6a81ceaa3d983b4
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c9a6452e8a9a527a3ae103422215dd87158361b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b827cb213ea639774970182a0239656fc60eb76c
Fixed
241d1cbe47a68f5d271ce4d27ad5e32e2c360ec3
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.11.7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.11.8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.1.3"
        }
    ]
}

Affected versions

2.*
2.1.0
2.1.0.rc2
2.1.0.rc3
2.1.1
2.1.2
2.1.3
2.1.4
2.2
2.3
2.3.2
2.3.2.rc1
2.3.3
2.3.4
2.3.5
2.3rc1
2.4.0
2.4.0.rc1
2.4.1
3.*
3.0
3.0.0.beta
3.0.0.beta2
3.0.0.beta3
3.0.1
3.0.10
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.0c1
3.0c2
3.1
3.11.0
3.11.0rc1
3.11.1
3.11.1rc1
3.11.2
3.11.3
3.11.4
3.11.5
3.11.6
3.11.7
3.11.8
3.2.0
3.2.0.rc1
3.2.0.rc10
3.2.0.rc11
3.2.0.rc12
3.2.0.rc13
3.2.0.rc14
3.2.0.rc3
3.2.0.rc4
3.2.0.rc5
3.2.0.rc6
3.2.0.rc7
3.2.0.rc8
3.2.0.rc9
3.3.0
3.3.0.rc2
3.3.0.rc3
3.3.0.rc4
3.4.0
3.4.0rc1
3.4.0rc2
3.4.0rc3
3.4.1
3.4.2
3.5.0
3.5.0rc1
3.5.1
3.5.2
3.6.0rc1
3.6.0rc2
4.*
4.0.0
4.0.0dev11
4.1.0
4.1.0rc1
4.1.0rc2
4.1.0rc3
4.1.0rc4
4.1.0rc5
4.1.1
4.1.2
4.1.3
Other
show
temporary

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-11319.json"