id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux
2148 [patch] ForeignKey fields not escaped correctly in django admin rushman@… Adrian Holovaty "Steps to reproduce:
{{{
1. two models m1 and m2
2. m2 has foreign key to m1 and this key in list_display set
3. m1 __str__ returns ''
when you will open list of m2 objects in django admin - you should get some alerts.
}}}
Since this is security hole i'm setting severity to 'major'." defect closed contrib.admin dev major fixed Sergey Kirillov Unreviewed 1 0 0 0 0 0