VYPR
Moderate severityNVD Advisory· Published Feb 3, 2022· Updated Aug 3, 2024

CVE-2022-22818

CVE-2022-22818

Description

The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 2.2, < 2.2.272.2.27
DjangoPyPI
>= 3.2, < 3.2.123.2.12
DjangoPyPI
>= 4.0, < 4.0.24.0.2

Affected products

74

Patches

Vulnerability mechanics

References

17

News mentions

0

No linked articles in our index yet.