VYPR
Moderate severityNVD Advisory· Published Jun 3, 2020· Updated Aug 4, 2024

CVE-2020-13596

CVE-2020-13596

Description

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 2.2a1, < 2.2.132.2.13
DjangoPyPI
>= 3.0a1, < 3.0.73.0.7

Affected products

303

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.