Описание
django-wiki is a wiki system for Django. Installations of django-wiki prior to version 0.10.1 are vulnerable to maliciously crafted article content that can cause severe use of server CPU through a regular expression loop. Version 0.10.1 fixes this issue. As a workaround, close off access to create and edit articles by anonymous users.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.10.1 (исключая)
cpe:2.3:a:django-wiki_project:django-wiki:*:*:*:*:*:django:*:*
EPSS
Процентиль: 40%
0.00184
Низкий
7.5 High
CVSS3
Дефекты
CWE-1333
Связанные уязвимости
EPSS
Процентиль: 40%
0.00184
Низкий
7.5 High
CVSS3
Дефекты
CWE-1333