| Summary: | =dev-python/django-1.2* XSS via csrf_token (CVE-2010-3082) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Albert W. Hopkins <marduk> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | trivial | CC: | python |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://www.djangoproject.com/weblog/2010/sep/08/security-release/ | | |
| Whiteboard: | ~4 [noglsa] | | |
| Package list: | | Runtime testing required: | --- |
Description
Albert W. Hopkins
2010-09-09 13:42:42 UTC
Summary from $URL: The provided template tag for inserting the CSRF token into forms -- {% csrf_token %} -- explicitly trusts the cookie value, and displays it as-is. Thus, an attacker who is able to tamper with the value of the CSRF cookie can cause arbitrary content to be inserted, unescaped, into the outgoing HTML of the form, enabling cross-site scripting (XSS) attacks.

Affected versions: =dev-python/django-1.2* (~arch only)

Django 1.2.3 has been released. This release deals with some issues caused by Django 1.2.2. See http://www.djangoproject.com/weblog/2010/sep/10/123/

dev-python/django-1.2.3 has been added to the tree. Vulnerable versions have been deleted.

thanks, closing without glsa.
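The flaw the report describes is a template tag that copies the CSRF cookie value straight into form markup. The following is an added illustration, not Django's code and not part of this bug: a minimal stand-in for the tag in its vulnerable form, the same tag with HTML escaping applied (the class of fix the report refers to), and a stricter variant that also refuses cookie values that do not look like a token at all. The function names, the 32-character alphanumeric token format, and the sample cookie values are assumptions constructed for this example.

```python
import html
import re

# Assumed token shape for this example: 32 alphanumeric characters.
# (Hypothetical; not taken from the report or from Django itself.)
TOKEN_RE = re.compile(r"^[A-Za-z0-9]{32}$")

INPUT_TEMPLATE = "<input type='hidden' name='csrfmiddlewaretoken' value='%s' />"


def render_csrf_token_vulnerable(cookie_value: str) -> str:
    """Mirror of the reported defect: the cookie value is trusted and
    inserted into the outgoing HTML exactly as received."""
    return INPUT_TEMPLATE % cookie_value


def render_csrf_token_escaped(cookie_value: str) -> str:
    """Escaped variant: whatever the cookie holds, it can no longer close
    the attribute or open a new tag. quote=True also escapes ' and "."""
    return INPUT_TEMPLATE % html.escape(cookie_value, quote=True)


def render_csrf_token_strict(cookie_value: str) -> str:
    """Defence in depth: a value that is not a well-formed token is never
    rendered at all. The form then fails the server-side CSRF check on
    submission, which is the safe failure mode for a tampered cookie."""
    if cookie_value is None or not TOKEN_RE.match(cookie_value):
        return ""
    return INPUT_TEMPLATE % html.escape(cookie_value, quote=True)


def markup_leaked(rendered: str) -> bool:
    """True if a raw tag survived into the rendered output."""
    return "<b>" in rendered or "</b>" in rendered


# Constructed sample cookie values (not from the report).
GOOD_COOKIE = "a" * 32
TAMPERED_COOKIE = "abc'><b>injected</b>"  # closes the attribute, injects markup

if __name__ == "__main__":
    print("vulnerable:", render_csrf_token_vulnerable(TAMPERED_COOKIE))
    print("escaped:   ", render_csrf_token_escaped(TAMPERED_COOKIE))
    print("strict:    ", repr(render_csrf_token_strict(TAMPERED_COOKIE)))
    print("strict/ok: ", render_csrf_token_strict(GOOD_COOKIE))
```

Running the script shows the tampered value producing live `<b>` markup from the vulnerable renderer, the escaped renderer emitting `&lt;b&gt;` inside the attribute, and the strict renderer emitting nothing for the bad value while passing the well-formed one through unchanged. Escaping alone closes the XSS; the format check additionally keeps garbage out of the page and surfaces tampering as a failed CSRF check rather than a rendered form.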