Browse all 3 CVE security advisories affecting django CMS Association. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The django CMS Association develops and maintains the open-source django CMS platform, a content management system built on Django for creating dynamic websites. Historically, the project has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control issues. With three CVEs currently on record, security remains a focus area. The platform's modular architecture and extensive plugin ecosystem introduce potential attack surfaces, though regular security updates help mitigate risks. No major public security incidents have been documented, but the project's trackline reflects common web application challenges typical of complex CMS environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-11406 | Stored XSS in django CMS Attributes Fields — django CMS Attributes FieldsCWE-79 | 6.9 | Medium | 2024-11-20 |
| CVE-2024-11404 | File Upload Bypass in django Filer — django FilerCWE-434 | 5.5 | Medium | 2024-11-20 |
| CVE-2024-11319 | Stored XSS in Open Source Project "django-cms" — django-cmsCWE-79 | 4.8 | Medium | 2024-11-18 |
This page lists every published CVE security advisory associated with django CMS Association. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.