Jasu Viding

#30178 of 53,632
8.7 Total CVSS
Vulnerabilities · 1
PT-2021-4548
8.7
2021-05-04
Django · Django · CVE-2021-31542
**Name of the Vulnerable Software and Affected Versions**

Django versions 2.2 through 2.2.20
Django versions 3.1 through 3.1.8
Django versions 3.2 through 3.2.0

**Description**

The issue is related to the lack of restrictions on file uploads in the Django web application platform, specifically in the MultiPartParser, UploadedFile, and FieldFile components. This can be exploited by a remote attacker to access confidential data using files with specially crafted names, allowing directory traversal via uploaded files.

**Recommendations**

For Django versions 2.2 through 2.2.20, update to version 2.2.21 or later.
For Django versions 3.1 through 3.1.8, update to version 3.1.9 or later.
For Django versions 3.2 through 3.2.0, update to version 3.2.1 or later.