All versions of django-smart-selects prior to version 1.2.8 are vulnerable to an XSS attack as detailed in issue 171. As a result, all previous versions have been removed from PyPI to prevent users from installing insecure versions. All users are urged to upgrade as soon as possible.
Checklist
Put an x in the bracket when you have completed each task, like this: [x]
[x] This issue is not about installing previous versions of django-smart-selects older than 1.2.8. I understand that previous versions are insecure and will not receive any support whatsoever.
[x] I have verified that that issue exists against the master branch of django-smart-selects.
[x] I have searched for similar issues in both open and closed tickets and cannot find a duplicate.
[x] I have debugged the issue to the smart_selects app.
[x] I have reduced the issue to the simplest possible case.
[x] I have included all relevant sections of models.py, forms.py, and views.py with problems.
All versions of django-smart-selects prior to version 1.2.8 are vulnerable to an XSS attack as detailed in issue 171. As a result, all previous versions have been removed from PyPI to prevent users from installing insecure versions. All users are urged to upgrade as soon as possible.
Checklist
Put an
x
in the bracket when you have completed each task, like this:[x]
master
branch of django-smart-selects.smart_selects
app.models.py
,forms.py
, andviews.py
with problems.I tried finding a duplicate issue but I was surprised that I did not find one so it may be a possible duplicate.
Steps to reproduce
Actual behavior
The FruitDestination class has the function: "All fruit of this type in this plantation should be sent to this destination"
In python manage.py shell
Expected behavior