Django security releases 5.2.1, 5.1.9, and 4.2.21 have been issued to address CVE-2025-32873, a possible denial of service in strip_tags().
The vulnerability in django.utils.html.strip_tags() could result in slow evaluation of certain inputs with large incomplete HTML tags, affecting the striptags template filter.
Patches have been applied to Django's main, 5.2, 5.1, and 4.2 branches to resolve the issue, and users are advised to upgrade promptly to mitigate the security risk.
The Django team advises reporting security issues via private email to [email protected] and not through public platforms like Trac or the Django Forum.
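To check a project against the fixed releases named above, the following added example (not code from the Django project) audits exact `Django==X.Y.Z` pins in a requirements file. The names `FIXED`, `classify`, `audit` and the sample file are assumptions made for illustration, and only `==` pins with numeric versions are handled.

```python
import re

# Fixed releases named in the advisory, keyed by release series.
FIXED = {(5, 2): (5, 2, 1), (5, 1): (5, 1, 9), (4, 2): (4, 2, 21)}

# Matches "Django==4.2.20" (any case, optional trailing comment), but not
# other packages such as "django-filter==23.1".
PIN = re.compile(r"^\s*django\s*==\s*(\d+)\.(\d+)(?:\.(\d+))?\s*(?:#.*)?$", re.I)


def classify(version):
    """Compare a (major, minor, patch) tuple with the advisory's fixed releases."""
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # The advisory lists no fixed release for this series.
        return "series not covered by the advisory's fixed releases"
    if version >= fixed:
        return "patched"
    return "upgrade to " + ".".join(map(str, fixed))


def audit(requirements_text):
    """Return (line_number, pinned_version, verdict) for each exact Django pin."""
    results = []
    for n, line in enumerate(requirements_text.splitlines(), 1):
        m = PIN.match(line)
        if not m:
            continue
        version = (int(m[1]), int(m[2]), int(m[3] or 0))
        results.append((n, ".".join(map(str, version)), classify(version)))
    return results


# Constructed sample input, not taken from any real project.
SAMPLE = """\
# requirements.txt (constructed)
Django==4.2.20
django-filter==23.1
requests==2.31.0
"""

if __name__ == "__main__":
    for line_no, pinned, verdict in audit(SAMPLE):
        print(f"line {line_no}: Django {pinned}: {verdict}")
```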