Description
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.
Remediation
References
Related Vulnerabilities
Joomla Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-12765)
PHP Out-of-bounds Read Vulnerability (CVE-2019-11034)
WordPress Plugin aoringo CAT setter Cross-Site Scripting (0.1.1)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-4978)
WordPress Improper Input Validation Vulnerability (CVE-2013-4339)