PYSEC-2011-31

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2011-31.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2011-31
Aliases
Published
2011-02-14T21:00:03.273Z
Modified
2026-05-19T05:26:27.135532712Z
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.

References

Affected packages

PyPI / django

Package

Name
django
View open source insights on deps.dev
Purl
pkg:pypi/django

Affected ranges

Database specific

source 
"https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2011-31.yaml"