Description

Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.

Remediation

References

CVE-2010-3082

Related Vulnerabilities

WordPress Plugin Contact Form, Drag and Drop Form Builder for WordPress-Everest Forms SQL Injection (1.4.9)

PHP Other Vulnerability (CVE-2007-4658)

WordPress Plugin Gallery Master-Responsive Photo Galleries & Albums Cross-Site Scripting (1.0.22)

WordPress Plugin Related Posts for WordPress Cross-Site Scripting (2.0.3)

WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-28491)

Severity

Medium

Classification

CVE-2010-3082 CWE-707

Tags

Missing Update Known Vulnerabilities