Описание
The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| edgy | DNE | |
| feisty | not-affected | |
| gutsy | not-affected | |
| upstream | released | 0.95.1 |
Показывать по
10
Ссылки на источники
6.5 Medium
CVSS2
Связанные уязвимости
nvd
больше 18 лет назад
The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user.
debian
больше 18 лет назад
The LazyUser class in the AuthenticationMiddleware for Django 0.95 doe ...
6.5 Medium
CVSS2