CVE-2013-4315: Directory traversal with ssi template tag
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
python-django (Ubuntu) | Fix Released | Undecided | Unassigned |
Bug Description

"Django's template language includes two methods of including and rendering one template inside another:

- The {% include %} tag takes a template name, and uses Django's template loading mechanism (which is restricted to the directories specified in the TEMPLATE_DIRS setting, as with any other normal template load in Django).
- The {% ssi %} tag, which takes a file path and includes that file's contents (optionally parsing and rendering it as a template).

Since the ssi tag is not restricted to TEMPLATE_DIRS, it represents a security risk; the setting ALLOWED_

https:/
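The description above stops short of explaining why a root-directory allow-list on its own is not enough. The following is an added illustration, not code from the bug report or from Django itself: a naive prefix check against an allow-list of include roots beside a hardened version that canonicalises the path first. The `ALLOWED_INCLUDE_ROOTS` value and the sample file paths are constructed for the example, and the function names are hypothetical.

```python
import posixpath

# Constructed, hypothetical allow-list of directories an ssi-style tag may read from.
ALLOWED_INCLUDE_ROOTS = ("/srv/site/public",)


def include_is_allowed_naive(filepath, roots=ALLOWED_INCLUDE_ROOTS):
    """Weak check: compares the raw, un-normalised path string against each root.

    Any path that merely begins with the root text passes, including one that
    climbs back out of the root with '..' segments, and one that names a
    sibling directory whose name happens to start with the root's name.
    """
    return any(filepath.startswith(root) for root in roots)


def include_is_allowed(filepath, roots=ALLOWED_INCLUDE_ROOTS):
    """Hardened check: resolve '.', '..' and duplicate separators before comparing,
    and require a separator after the root so that '/srv/site/public_private'
    is not treated as a child of '/srv/site/public'.

    posixpath is used instead of os.path so the result is the same on every
    platform; an application would normally use os.path for its real filesystem.
    """
    normalized = posixpath.abspath(filepath)
    for root in roots:
        root_norm = posixpath.abspath(root)
        if normalized == root_norm or normalized.startswith(root_norm + posixpath.sep):
            return True
    return False


def compare_checks(filepath):
    """Return (naive_result, hardened_result) for one path, for side-by-side review."""
    return include_is_allowed_naive(filepath), include_is_allowed(filepath)


if __name__ == "__main__":
    # Constructed sample paths: one legitimate include, one escaping to a
    # sibling directory via '..', one naming a look-alike sibling directory.
    for sample in (
        "/srv/site/public/header.html",
        "/srv/site/public/../private/settings.py",
        "/srv/site/public_private/notes.html",
    ):
        print(sample, compare_checks(sample))
```

The two checks agree on the well-formed path and disagree on the other two, which is exactly the gap the advisory describes: an allow-list only restricts anything if the path is canonicalised before it is compared.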
information type: Private Security → Public Security
Changed in python-django (Ubuntu): status: New → Confirmed
This was fixed in one go with #1225784.