Red Hat Security Advisory 2017-1451-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
2da61be40fdc1c13cf6e5a8e420f09b72268374fea540bc91b264fb566ee06dc