Description
Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Improper Locking Vulnerability (CVE-2002-1850)
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)
PHP Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2010-4657)
Internet Information Services Other Vulnerability (CVE-2002-1694)