• info
• discussion
• exploit
• solution
• references

Django CVE-2008-2302 Cross-Site Scripting Vulnerability

Django is prone to a cross-site scripting vulnerability. Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request.