CVE-2010-3082

Priority
Description
Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2
allows remote attackers to inject arbitrary web script or HTML via a
csrfmiddlewaretoken (aka csrf_token) cookie.
Assigned-to
jdstrand
Notes
jdstrandvulnerability not present before 1.2
1.2.2 introduced regressions. Need 1.2.3
Package
Upstream:released (1.2.3-1)
Patches:
upstream:http://code.djangoproject.com/changeset/13699
More Information

Updated: 2020-09-10 01:37:20 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)