Red Hat Security Advisory 2017-1462-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
7915fc1f53635bda45e495c729f8b6b1d0b2b39a3656cb115a6f9707b46ab156