CVE-2015-2241

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2015-2241
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-2241.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2015-2241
Aliases
Downstream
Related
Withdrawn
2026-01-27T04:13:53.399314Z
Published
2015-03-12T14:59:05Z
Modified
2026-01-27T04:13:53.399314Z
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a @property.

References

Affected packages