Django Wiki

CVEs (2)

• CVE-2024-28865Mar 18, 2024
  Django Wiki

  Django Wiki
  risk 0.00cvss —epss 0.01

  django-wiki is a wiki system for Django. Installations of django-wiki prior to version 0.10.1 are vulnerable to maliciously crafted article content that can cause severe use of server CPU through a regular expression loop. Version 0.10.1 fixes this issue. As a workaround, close…

• CVE-2021-25986Nov 23, 2021
  Django Wiki

  Django Wiki
  risk 0.00cvss —epss 0.01

  In Django-wiki, versions 0.0.20 to 0.7.8 are vulnerable to Stored Cross-Site Scripting (XSS) in Notifications Section. An attacker who has access to edit pages can inject JavaScript payload in the title field. When a victim gets a notification regarding the changes made in the…