diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md
index 11d12ae32..9879c4665 100644
--- a/docs/topics/release-notes.md
+++ b/docs/topics/release-notes.md
@@ -40,6 +40,12 @@ You can determine your currently installed version using `pip freeze`:
 
 ## 2.4.x series
 
+### 2.4.5
+
+**Date**: 24 March 2015
+
+* **Security fix**: Escape tab switching cookie name in browsable API. [Backported from 3.1.1](http://www.django-rest-framework.org/topics/release-notes/#311).
+
 ### 2.4.4
 
 **Date**: [3rd November 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.4+Release%22+).
diff --git a/requirements-test.txt b/requirements-test.txt
index 411daeba2..2880f5a98 100644
--- a/requirements-test.txt
+++ b/requirements-test.txt
@@ -2,7 +2,8 @@
 pytest-django==2.6
 pytest==2.5.2
 pytest-cov==1.6
-flake8==2.2.2
+pep8==1.5.7
+flake8==2.4.0
 
 # Optional packages
 markdown>=2.1.0
diff --git a/rest_framework/__init__.py b/rest_framework/__init__.py
index 15b12d9be..530190971 100644
--- a/rest_framework/__init__.py
+++ b/rest_framework/__init__.py
@@ -8,7 +8,7 @@ ______ _____ _____ _____    __
 """
 
 __title__ = 'Django REST framework'
-__version__ = '2.4.4'
+__version__ = '2.4.5'
 __author__ = 'Tom Christie'
 __license__ = 'BSD 2-Clause'
 __copyright__ = 'Copyright 2011-2014 Tom Christie'
diff --git a/rest_framework/static/rest_framework/js/default.js b/rest_framework/static/rest_framework/js/default.js
index bcb1964db..f04e55696 100644
--- a/rest_framework/static/rest_framework/js/default.js
+++ b/rest_framework/static/rest_framework/js/default.js
@@ -43,6 +43,10 @@ $('a[data-toggle="tab"]').click(function(){
 var selectedTab = null;
 var selectedTabName = getCookie('tabstyle');
 
+if (selectedTabName) {
+    selectedTabName = selectedTabName.replace(/[^a-z-]/g, '');
+}
+
 if (selectedTabName) {
     selectedTab = $('.form-switcher a[name=' + selectedTabName + ']');
 }
diff --git a/tox.ini b/tox.ini
index b3f53cce2..0e17ca511 100644
--- a/tox.ini
+++ b/tox.ini
@@ -15,7 +15,8 @@ setenv =
 [testenv:flake8]
 basepython = python2.7
 deps = pytest==2.5.2
-       flake8==2.2.2
+       pep8==1.5.7
+       flake8==2.4.0
 commands = ./runtests.py --lintonly
 
 [testenv:py3.4-django1.7]