Launchpad CVE tracker

CVE 2010-3082

Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.

Related bugs and status

CVE-2010-3082 (Candidate) is related to these bugs:

Bug #636482: Update python-django to 1.2.3 version to fix an XSS vulnerability

Summary				In	Importance	Status
	636482	Update python-django to 1.2.3 version to fix an XSS vulnerability		python-django (Ubuntu)	High	Fix Released
	636482	Update python-django to 1.2.3 version to fix an XSS vulnerability		python-django (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: http://www.ubuntu.com/...
MISC: http://marc.info/?l=os...
MISC: https://exchange.xforc...
MISC: http://www.djangoproje...
MISC: https://bugzilla.redha...

Launchpad.net

CVE 2010-3082

Related bugs and status

Related bugs

References