{"id":"PYSEC-2017-86","details":"There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field.","aliases":["CVE-2017-6591","GHSA-xp5m-4c9f-498q"],"modified":"2023-11-08T03:59:23.891523Z","published":"2017-03-09T20:59:00Z","references":[{"type":"WEB","url":"http://morningchen.com/2017/03/09/Cross-site-scripting-vulnerability-in-django-epiceditor/"},{"type":"WEB","url":"http://www.securityfocus.com/bid/96946"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-xp5m-4c9f-498q"}],"affected":[{"package":{"name":"django-epiceditor","ecosystem":"PyPI","purl":"pkg:pypi/django-epiceditor"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.2.0","0.2.1","0.2.1.1","0.2.1.2","0.2.2","0.2.3"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/django-epiceditor/PYSEC-2017-86.yaml"}}],"schema_version":"1.7.3"}