Django REST framework 3.11.2 has just been released <https://www.django-rest-framework.org/community/release-notes/#3112>.
This release *resolves a potential XSS security issue affecting the browsable API.* The issue affects REST framework versions prior to 3.11.2. It does not affect the version 3.12 series. The issue is officially registered under CVE-2020-25626, which is due to be made public later today. - T. -- You received this message because you are subscribed to the Google Groups "Django REST framework" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-framework+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-rest-framework/6d263e94-0a07-4158-a820-7ddde67b57b6n%40googlegroups.com.