Django Improper Input Validation Vulnerability - CVE-2011-4136 - Vulnerability Database

Django Improper Input Validation Vulnerability - CVE-2011-4136

Medium
Reference: CVE-2011-4136
Title: Django Improper Input Validation Vulnerability
Overview:

django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1 when session data is stored in the cache uses the root namespace for both session identifiers and application-data keys which allows remote attackers to modify a session by triggering use of a key that is equal to that session39s identifier.