CVE-2013-4315: Directory traversal with ssi template tag
Bug #1227518 reported by
Felix Dreissig
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python-django (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
"Django's template language includes two methods of including and rendering one template inside another:
The {% include %} tag takes a template name, and uses Django's template loading mechanism (which is restricted to the directories specified in the TEMPLATE_DIRS setting, as with any other normal template load in Django).
The {% ssi %} tag, which takes a file path and includes that file's contents (optionally parsing and rendering it as a template).
Since the ssi tag is not restricted to TEMPLATE_DIRS, it represents a security risk; the setting ALLOWED_
https:/
| information type: | Private Security → Public Security |
| Changed in python-django (Ubuntu): | |
| status: | New → Confirmed |
Revision history for this message
| Felix Dreissig (f30) wrote | #1 |
| Changed in python-django (Ubuntu): | |
| status: | Confirmed → Fix Released |
To post a comment you must log in.
This was fixed in one go with #1225784.