django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Thanks for checking it out.
Affected versions of this package are vulnerable to Content Spoofing. The default 404 page did not properly handle user-supplied data, an attacker could supply content to the web application, typically via a parameter value, that is reflected back to the user. This presented the user with a modified page under the context of the trusted domain.
django to version 1.11.18, 2.0.10, 2.1.5 or higher.