A security issue affects the following Ubuntu releases:
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
In general, a standard system update will make all the necessary changes.
It was discovered that Django did not properly sanitize the cookie value
when applying CSRF protections, resulting in a cross-site scripting (XSS)
vulnerability. With cross-site scripting vulnerabilities, if a user were
tricked into viewing server output during a crafted server request, a
remote attacker could exploit this to modify the contents, or steal
confidential data, within the same domain.
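
The class of flaw described above, shown as an added example that is not Django's code and not part of the original advisory: a client-supplied CSRF cookie value echoed into a page verbatim, beside a version that validates it against an allowlist and escapes it on output. That the value is echoed into a hidden form field, the 32-character alphanumeric token format, the field name and all function names are assumptions made for this example.

```python
import html
import re
import secrets
import string

# Assumed token format for this example: exactly 32 alphanumeric characters.
TOKEN_RE = re.compile(r"[A-Za-z0-9]{32}")
ALPHABET = string.ascii_letters + string.digits
FIELD = '<input type="hidden" name="csrf_token" value="%s">'  # hypothetical field


def new_token():
    """Generate a fresh random token in the assumed format."""
    return "".join(secrets.choice(ALPHABET) for _ in range(32))


def sanitize_token(cookie_value):
    """Keep the cookie value only if it matches the allowlist; otherwise
    discard it and issue a fresh token instead of trying to repair it."""
    if cookie_value is not None and TOKEN_RE.fullmatch(cookie_value):
        return cookie_value
    return new_token()


def render_field_unsafe(cookie_value):
    """Flawed pattern: the client-controlled cookie is reflected as-is."""
    return FIELD % cookie_value


def render_field_safe(cookie_value):
    """Validate on input, then HTML-escape on output as a second layer."""
    token = sanitize_token(cookie_value)
    return FIELD % html.escape(token, quote=True)


# Constructed sample cookie values (not taken from the advisory).
GOOD = "a" * 32
BAD = 'x"><b>injected</b>'  # closes the attribute and adds markup

if __name__ == "__main__":
    for label, value in (("good", GOOD), ("bad", BAD)):
        print(label, "unsafe:", render_field_unsafe(value))
        print(label, "safe:  ", render_field_safe(value))
```

Rejecting a malformed cookie and issuing a new token means the page never has to reason about partially cleaned attacker input.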