Django vulnerability

2016-09-27T00:00:00
ID USN-3089-1
Type ubuntu
Reporter Ubuntu
Modified 2016-09-27T00:00:00

Description

Sergey Bobrov discovered that Django incorrectly parsed cookies when being used with Google Analytics. A remote attacker could possibly use this issue to set arbitrary cookies leading to a CSRF protection bypass.