Fantastic vulnerabilities and where to find them (part 1) - how to XSS using Django form errors

According to Django’s documentation, the way to build dynamic error messages for field validation errors is to raise a django.core.exceptions.ValidationError exception with the corresponding message. Such an exception thrown from any of the validation functions of the form (e.g. the methods clean() and clean_<fieldname>() of the django.forms.BaseForm class) will . . .

