FreeBSD : django-cms -- XSS Vulnerability (3886cafe-668c-11e2-94b8-1c4bd681f0cf)
High Nessus Plugin ID 64089
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionCross-site scripting (XSS) vulnerability
Jonas Obrist reports: The security issue allows users with limited admin access to elevate their privileges through XSS injection using the page_attribute template tag. Only users with admin access and the permission to edit at least one django CMS page object could exploit this vulnerability. Websites that do not use the page_attribute template tag are not affected.
SolutionUpdate the affected package.