CVE-2016-7401 (retired)

Priority
Description
The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10,
when used on a site with Google Analytics, allows remote attackers to
bypass an intended CSRF protection mechanism by setting arbitrary cookies.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (1.8.15,1.9.10)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.8.7-1ubuntu5.2)
More Information

Updated: 2019-10-09 07:57:19 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)