Description
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google AdSense by BestWebSoft Cross-Site Scripting (1.43)
WordPress Plugin Import all XML, CSV & TXT into WordPress Security Bypass (6.4.1)
Restlet Framework XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2013-4221)
Oracle Database Server CVE-2009-1970 Vulnerability (CVE-2009-1970)