漏洞关键信息 Title Django administrative interface cross-site scripting CVSS 2.0 Base Score 4.3 CVSS 2.0 Temporal Score 3.2 Consequences Cross-Site Scripting Remedy Upgrade to the latest version of Django (1.4.6 or 1.5.2 or 1.6 beta 2 or later), available from the Django Web site. Affected Products Django 1.4.5 Django 1.5.1 Django 1.6.0 References Django Web Site Django Weblog oss-sec mailing list, Wed, 14 Aug 2013 07:31:00 +0200 SecurityTracker Alert ID: 1028915 Coverage Cross Site Scripting Date: Nov 11, 2008 CVSS Metrics Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None Exploitability: Unproven Remediation Level: Official Fix Report Confidence: Confirmed