Vulnerabilities > Django CMS

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-18	CVE-2024-11319	Unspecified vulnerability in Django-Cms Django CMS Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django-cms allows Cross-Site Scripting (XSS).This issue affects django-cms: 3.11.7, 3.11.8, 4.1.2, 4.1.3. network low complexity django-cms	4.8
2022-01-12	CVE-2021-44649	Cross-site Scripting vulnerability in Django-Cms Django CMS Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. network low complexity django-cms CWE-79	5.4
2017-08-18	CVE-2015-5081	Cross-Site Request Forgery (CSRF) vulnerability in Django-Cms Django CMS 3.0.13/3.1 Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors. network low complexity django-cms CWE-352	8.8

Vulnerabilities > Django CMS {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Django CMS"}]}