The Vulnerability History Project
Vulnerabilities
Insights
Curate
Tags
All
Projects
CWEs
Languages
Lessons
Severities
Subsystems
More
News
Projects We Study
How to Contribute
By the Numbers
About Us
Toggle Theme
Warning: Our website does not support Internet Explorer, please use Edge instead.
[2.2.x] Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link.
Backport of deeba6d92006999fee9adfbd8be79bf0a59e8008 from master.
by
Stephanie the Jack Russel 2019-05-23 10:06:34 UTC
commit afddabf8428ddc89a332f7a78d0d21eaf2b5a673
Django
Fix
Unsanitized Clickable Links CVE-2019-12308
django/contrib/admin/templates/admin/widgets/url.html
+1
-1
django/contrib/admin/widgets.py
+1
-9
docs/releases/1.11.21.txt
+1
-15
docs/releases/2.1.9.txt
-14
docs/releases/2.2.2.txt
-14
tests/admin_widgets/tests.py
+8
-15
expand_less
The Vulnerability History Project