FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
bb022643-84fb-11e6-a4a1-60a44ce6887bdjango -- CSRF protection bypass on a site with Google Analytics

Django Software Foundation reports:

An interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection.


Discovery 2016-09-26
Entry 2016-09-27
py-django19
< 1.9.10

py-django18
< 1.8.15

py-django
< 1.8.15

https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
CVE-2016-7401