avatar

Ali Δ°ltizar

@iltosec

  • 127.0.0.1
  • @iltosec
  • /u/ali-iltizar
  • https://iltosec.com
  • iltosec
    • Who am I ?

    Security Researcher

    Overview

    3

    total CVE

    MEDIUM
    2
    LOW
    1
    CRITICAL
    0
    HIGH
    0
    NONE
    0

    Latest CVEs

    6.9

    CVSS3.1

    CVE-2024-11406 - Stored XSS in django CMS Attributes Fields

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS.This issue affects django CMS Attributes Fields: before 4.0.

    πŸ“… Published: Nov. 20, 2024, noon πŸ”„ Last Modified: Nov. 21, 2024, 1:57 p.m.

    5.5

    CVSS3.1

    CVE-2024-11404 - File Upload Bypass in django Filer

    Unrestricted Upload of File with Dangerous Type, Improper Input Validation, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS.This issue affects django Filer: from 3 before 3.…

    πŸ“… Published: Nov. 20, 2024, 11:55 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 1:57 p.m.

    3.8

    CVSS3.1

    CVE-2024-11319 - Stored XSS in Open Source Project "django-cms"

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django-cms allows Cross-Site Scripting (XSS).This issue affects django-cms: 3.11.7, 3.11.8, 4.1.2, 4.1.3.

    πŸ“… Published: Nov. 18, 2024, 11:53 a.m. πŸ”„ Last Modified: Jan. 6, 2025, 5:54 p.m.
    See all CVEs of