Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Django 7PK - Security Features Vulnerability - CVE-2016-7401 - Vulnerability Database
Django

Django 7PK - Security Features Vulnerability - CVE-2016-7401

High
Reference: CVE-2016-7401
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-7401
Title: Django 7PK - Security Features Vulnerability
Overview:

The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10 when used on a site with Google Analytics allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.