Description
The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.
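A defender-side check for the condition described above, added here as an example and not part of the original advisory or of Django itself: it compares a Django version string against the three affected ranges and reports which templates contain the tag. The function names and the sample templates are assumptions constructed for illustration.

```python
import re

# First fixed release per series, taken from the advisory text above.
FIXED = {(2, 2): (2, 2, 27), (3, 2): (3, 2, 12), (4, 0): (4, 0, 2)}

# {% debug %} with any amount of inner whitespace.
DEBUG_TAG = re.compile(r"\{%\s*debug\s*%\}")

# Constructed sample input: template name -> template source.
SAMPLE_TEMPLATES = {
    "base.html": "<html>\n<body>\n{% debug %}\n</body>\n</html>\n",
    "list.html": "{% for item in items %}{{ item }}{% endfor %}\n",
}

def parse_version(text):
    """Turn '3.2.11' or '4.0rc1' into a 3-tuple of the leading integers."""
    parts = []
    for piece in text.split(".")[:3]:
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    return tuple(parts + [0] * (3 - len(parts)))

def advisory_status(version):
    """'affected', 'fixed', or 'not-listed' for series the advisory does not name."""
    parsed = parse_version(version)
    fixed = FIXED.get(parsed[:2])
    if fixed is None:
        return "not-listed"
    return "affected" if parsed < fixed else "fixed"

def find_debug_tags(source):
    """1-based line numbers containing the tag (commented-out tags are also reported)."""
    return [n for n, line in enumerate(source.splitlines(), 1) if DEBUG_TAG.search(line)]

def audit(version, templates):
    """Combine the version check with the template scan."""
    status = advisory_status(version)
    hits = {}
    for name, source in templates.items():
        lines = find_debug_tags(source)
        if lines:
            hits[name] = lines
    return {"status": status, "debug_tags": hits,
            "exposed": status == "affected" and bool(hits)}

if __name__ == "__main__":
    print(audit("3.2.11", SAMPLE_TEMPLATES))
```

In a real project, pass `django.get_version()` as the version and the contents of the project's template files as the mapping.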
Remediation
References