CVE-2010-3082 (retired)

Priority
Description
Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2
allows remote attackers to inject arbitrary web script or HTML via a
csrfmiddlewaretoken (aka csrf_token) cookie.
Notes
 jdstrand> vulnerability not present before 1.2
 jdstrand> 1.2.2 introduced regressions. Need 1.2.3
Assigned-to
jdstrand
Package
Upstream:released (1.2.3-1)
Patches:
upstream:http://code.djangoproject.com/changeset/13699
More Information

Updated: 2019-03-26 11:52:45 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)