CVE-2013-4315 (retired)

Priority
Description
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x
before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read
arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting
followed by a .. (dot dot) in a ssi template tag.
Assigned-to
mdeslaur
More Information

Updated: 2019-09-19 15:45:31 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)