liangliangyy / djangoblog
Project repository
🍺 A blog system based on Django
FIRST INTERACTION WITHIN 6 DAYS
REVIEW WITHIN 6 DAYS
FIX WITHIN 7 DAYS
Stored XSS via Markdown Comment
May 29th 2023 • tht1997 • Medium • CVE-2023-2954
Allows upload dangerous file type to server
Apr 20th 2022 • ktg9 • not applicable
Weak forgot password code allows bruteforce and lead to account takeover
Apr 18th 2022 • ktg9 • not applicable
Improper Access Control
Feb 14th 2022 • nhiephon • Medium • $45
Improper Removal of Sensitive Information Before Storage or Transfer
Feb 14th 2022 • nhiephon • Medium • $5
Improper Privilege Management
Feb 11th 2022 • ktg9 • Medium • $70
Cross-site Scripting (XSS) - Stored
Feb 11th 2022 • ktg9 • Medium • $35
Cross-Site Request Forgery (CSRF)
Jan 24th 2022 • ktg9 • Low • $42.5
CRITICAL $0
HIGH $0
MEDIUM $0
LOW $0