DEBIAN-CVE-2022-22818

DEBIAN-CVE-2022-22818 PUBLISHED CVSS 6.1 MEDIUM

The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.

Risk Scores

CVSS 3.1
6.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor       Product          Versions
Debian:13    python-django    0, 0, 0
Debian:12    python-django    0, 0, 0
Debian:14    python-django    0, 0, 0
Debian:11    python-django    *, 0, *

Timeline

  • Feb 3, 2022 CVE Published
  • Apr 28, 2026 CVE Updated