Описание
django-cms CSRF Vulnerability
Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-5081
- https://github.com/divio/django-cms/commit/f77cbc607d6e2a62e63287d37ad320109a2cc78a
- https://github.com/django-cms/django-cms/commit/f77cbc607d6e2a62e63287d37ad320109a2cc78a
- https://github.com/pypa/advisory-database/tree/main/vulns/django-cms/PYSEC-2017-11.yaml
- https://www.django-cms.org/en/blog/2015/06/27/311-3014-release
- http://www.openwall.com/lists/oss-security/2015/06/28/1
Пакеты
django-cms
< 3.0.14
3.0.14
django-cms
>= 3.1.0b1, < 3.1.1
3.1.1
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors.
Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors.
Cross-site request forgery (CSRF) vulnerability in django CMS before 3 ...