Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the breaklongheaders template filter due to improper input sanitization before splitting and joining with <br> tags.
{ "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "python-djangorestframework-doc", "binary_version": "3.15.2-1" }, { "binary_name": "python3-djangorestframework", "binary_version": "3.15.2-1" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }