The {% debug %} template tag in Django 2.2 prior to 2.2.27, 3.2 prior to 3.2.12, and 4.0 prior to 4.0.2 does not properly encode the current context. This may lead to XSS.
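
A defender-side check for the version ranges stated above, as an added example (not code from Django or from this page): it reports whether an installed Django version falls in one of the listed affected ranges and on which lines of a template `{% debug %}` appears. The function names and the sample template are constructed for illustration.

```python
import re

# First fixed release per affected series, taken from the advisory text above.
FIXED = {(2, 2): (2, 2, 27), (3, 2): (3, 2, 12), (4, 0): (4, 0, 2)}

# Django strips whitespace inside {% ... %}, so {%debug%} is the same tag.
DEBUG_TAG = re.compile(r"\{%\s*debug\s*%\}")


def parse_version(text):
    """Turn '3.2.11' or '4.0' into a 3-tuple of ints; other forms are rejected."""
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unsupported version string: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))


def in_advisory_range(version_text):
    """True if the version is in a range the advisory lists as affected.

    False for a series the advisory does not name means "not listed",
    not "verified safe".
    """
    version = parse_version(version_text)
    fixed = FIXED.get(version[:2])
    return fixed is not None and version < fixed


def find_debug_tags(template_source):
    """Return 1-based line numbers containing a {% debug %} tag.

    Tags inside template comments are reported too, so the result may
    over-report; each hit should be reviewed by hand.
    """
    return [n for n, line in enumerate(template_source.splitlines(), 1)
            if DEBUG_TAG.search(line)]


# Constructed sample template, not taken from any real project.
SAMPLE = "<html>\n{% load static %}\n<body>\n  {{ user.name }}\n" \
         "  {% debug %}\n  <pre>{%debug%}</pre>\n</body>\n</html>\n"

if __name__ == "__main__":
    for v in ("2.2.26", "3.2.12", "4.0.1"):
        print(v, "affected" if in_advisory_range(v) else "not in listed range")
    print("debug tag on lines:", find_debug_tags(SAMPLE))
```
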
| Vulnerable Product |
|---|
| djangoproject django |
| fedoraproject fedora 35 |
| debian debian linux 11.0 |