VDB
DEBIAN-CVE-2022-22818
DEBIAN-CVE-2022-22818
PUBLISHED
CVSS 6.099999904632568 MEDIUM
The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.
Risk Scores
CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | python-django | 0, 0, 0 |
| Debian:12 | python-django | 0, 0, 0 |
| Debian:14 | python-django | 0, 0, 0 |
| Debian:11 | python-django | *, 0, * |
Exploit Intelligence
Timeline
- Feb 3, 2022 CVE Published
- Apr 28, 2026 CVE Updated