Directory traversal vulnerability in Django 1.1.x prior to 1.1.4 and 1.2.x prior to 1.2.5 on Windows might allow remote malicious users to read or execute files via a / (slash) character in a key in a session cookie, related to session replays.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
djangoproject django 1.1.0 |
||
djangoproject django 1.1.2 |
||
djangoproject django 1.1 |
||
djangoproject django 1.1.3 |
||
djangoproject django 1.2 |
||
djangoproject django 1.2.1 |
||
djangoproject django 1.2.2 |
||
djangoproject django 1.2.3 |
||
djangoproject django 1.2.4 |