https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-31T01:55:23.282331+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/e0e27a05-d828-43a1-80ba-c4f6cb627688/exporte0e27a05-d828-43a1-80ba-c4f6cb6276882026-05-31T01:55:23.635934+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "e0e27a05-d828-43a1-80ba-c4f6cb627688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-31039", "type": "seen", "source": "https://gist.github.com/xssportswiger-design/a7efbd108ca49004899a8cdd8019d7ac", "content": "# CVE-2026-31039: Stored XSS in django CMS 3.11.10\n\n## Description\nIn django CMS version 3.11.10, an authenticated user with editor or admin privileges can inject malicious HTML/JavaScript code into plugin content. The content is rendered using the `mark_safe()` function without proper sanitization, leading to stored cross-site scripting (XSS) when a victim visits the affected page.\n\n## Vulnerability Type\nCross Site Scripting (XSS)\n\n## Vendor\ndjango CMS Association\n\n## Affected Product\ndjango CMS\n\n## Affected Version\n3.11.10\n\n## Affected Component\n- `cms/plugin_processors.py`\n- `plugin_meta_context_processor`\n- `mark_safe(rendered_content)`\n\n## Attack Vector\nAn authenticated user (editor or admin) injects malicious JavaScript into plugin content. The content is rendered unsafely with `mark_safe()`, executing in any victim's browser.\n\n## Impact\n- Code execution (JavaScript)\n- Information disclosure (session hijacking, cookie theft)\n- Unauthorized actions on behalf of the victim\n\n## Discoverer\nShaxriyor Abdullayev\n\n## References\n- https://github.com/django-cms/django-cms\n- https://github.com/django-cms/django-cms/blob/3.11.10/cms/plugin_processors.py\n\n## Suggested Fix\nReplace `mark_safe()` with proper HTML escaping or use a sanitizer like `bleach` before rendering user-controlled content.", "creation_timestamp": "2026-05-29T18:52:38.000000Z"}2026-05-29T18:52:38+00:00