VYPR
Moderate severityNVD Advisory· Published Sep 14, 2010· Updated Jun 16, 2026

CVE-2010-3082

CVE-2010-3082

Description

Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 1.2, < 1.2.21.2.2

Affected products

4
  • cpe:2.3:a:djangoproject:django:1.2.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:djangoproject:django:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:djangoproject:django:1.2.1:2:*:*:*:*:*:*
    • cpe:2.3:a:djangoproject:django:1.2.2:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 1.2, < 1.2.2

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.