Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

django -- cross-site scripting vulnerability

Information

Severity

Severity

Medium

Family

Family

FreeBSD Local Security Checks

CVSSv2 Base

CVSSv2 Base

4.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

6 years ago

Share

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Insight

Insight

The following packages are affected: py23-django py24-django py25-django py26-django py30-django py31-django py23-django-devel py24-django-devel py25-django-devel py26-django-devel py30-django-devel py31-django-devel CVE-2010-3082 Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.

Solution

Solution

Update your system with the appropriate patches or software upgrades. http://xforce.iss.net/xforce/xfdb/61729 http://www.vuxml.org/freebsd/3ff95dd3-c291-11df-b0dc-00215c6a37bb.html

Common Vulnerabilities and Exposures (CVE)