Vulnerabilities > Django CMS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-12 | CVE-2021-44649 | Cross-site Scripting vulnerability in Django-Cms Django CMS Django CMS 3.7.3 does not validate the plugin_type parameter while generating error messages for an invalid plugin type, resulting in a Cross Site Scripting (XSS) vulnerability. | 3.5 |
2017-08-18 | CVE-2015-5081 | Cross-Site Request Forgery (CSRF) vulnerability in Django-Cms Django CMS 3.1 Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors. | 6.8 |