PYSEC-2014-79
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/djblets/PYSEC-2014-79.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2014-79
- Aliases
-
- CVE-2014-3995
- GHSA-4xf6-xr96-7vmp
- Published
- 2014-06-16T18:55:00Z
- Modified
- 2026-06-10T17:01:15.595823934Z
- Summary
- [none]
- Details
-
Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name.
- References
-
- http://secunia.com/advisories/58691
- https://github.com/djblets/djblets/commit/50000d0bbb983fa8c097b588d06b64df8df483bd
- http://seclists.org/oss-sec/2014/q2/498
- http://seclists.org/oss-sec/2014/q2/494
- https://github.com/djblets/djblets/commit/77ac64642ad530bf69e390c51fc6fdcb8914c8e7
- https://github.com/djblets/djblets/commit/e2c79117efd925636acd871a5f473512602243cf
- https://github.com/advisories/GHSA-4xf6-xr96-7vmp
Affected packages
PyPI / djblets
Package
- Name
- djblets
- View open source insights on deps.dev
- Purl
- pkg:pypi/djblets
Affected ranges
- Type
- GIT
- Repo
- https://github.com/djblets/djblets
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixed
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.7.30Introduced0.8Fixed0.8.3
Affected versions
release-0.*
release-0.5.0alpha1
release-0.5.0alpha2
release-0.5.0alpha3
release-0.5.0beta1
release-0.5.0rc1
release-0.5
release-0.5.2
release-0.5.4
release-0.5.5
release-0.5.6
release-0.5.8
release-0.5.9
release-0.6
release-0.6.1
release-0.6.2
release-0.6.3
release-0.6.4
release-0.6.5
release-0.6.6
release-0.6.7
release-0.6.8
release-0.6.9
release-0.6.10
release-0.6.11
release-0.7
release-0.7.1
release-0.7.2
release-0.7.3
release-0.7.4
release-0.7.5
release-0.7.6
release-0.7.7
release-0.7.8
release-0.7.9
release-0.7.10
release-0.7.11
release-0.7.12
release-0.7.13
release-0.7.14
release-0.7.15
release-0.7.16
release-0.7.17
release-0.7.18
release-0.7.19
release-0.7.20
release-0.7.21
release-0.7.22
release-0.7.23
release-0.7.24
release-0.7.25
release-0.7.26
release-0.7.27
release-0.7.28
release-0.7.29
release-0.7.30
release-0.8alpha1
release-0.8alpha2
release-0.8beta1
release-0.8beta2
release-0.8beta3
release-0.8rc1
release-0.8rc2
release-0.8
release-0.8.1
release-0.8.2
0.*
0.5rc2
0.5
0.5.1
0.5.2
0.5.3
0.5.4
0.5.5
0.5.6
0.5.7
0.5.8
0.5.9
0.6
0.6.1
0.6.2
0.6.3
0.6.4
0.6.5
0.6.6
0.6.7
0.6.8
0.6.9
0.6.10
0.6.11
0.6.12
0.6.13
0.6.14
0.6.15
0.6.16
0.6.17
0.6.18
0.6.19
0.6.20
0.6.21
0.6.22
0.6.23
0.6.24
0.6.25
0.6.26
0.6.27
0.6.28
0.6.29
0.6.30
0.6.31
0.7
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.7.8
0.7.9
0.7.10
0.7.11
0.7.12
0.7.13
0.7.14
0.7.15
0.7.16
0.7.17
0.7.18
0.7.19
0.7.20
0.7.21
0.7.22
0.7.23
0.7.24
0.7.25
0.7.26
0.7.27
0.7.28
0.7.29
0.8
0.8.1
0.8.2