CVE-2016-7401 in Djangoinfo

Summary

The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

ID	Vulnerability	CWE	Exp	Cou	CVE
92215	Django Cookie Parsing 7pk security	254	Not defined	Official fix	CVE-2016-7401

Reservation

09/09/2016

Disclosure

10/03/2016

Status

Confirmed

Entries

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7401
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7401
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7401/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!