Ubuntu 10.10 USN-1004-1: Critical Security Flaw in Django XSS Attack
ubuntu
October 13, 2010
Investigating a crucial Django vulnerability on Ubuntu 10.10 highlights serious risks due to poor input sanitization in template contexts that can permit XSS attacks
It was discovered that Django did not properly sanitize the cookie value when applying CSRF protections resulting in a cross-site scripting (XSS) vulnerability