exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2018-6188

больше 7 лет назад

django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.

CVSS3: 7.5

EPSS: Низкий

CVE-2018-6188

больше 7 лет назад

django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-6188

больше 7 лет назад

django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.

CVSS3: 7.5

EPSS: Низкий

CVE-2018-6188

больше 7 лет назад

django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0. ...

CVSS3: 7.5

EPSS: Низкий

GHSA-rf4j-j272-fj86

больше 6 лет назад

Django vulnerable to information leakage in AuthenticationForm

CVSS3: 7.5

EPSS: Низкий

BDU:2024-09053

почти 7 лет назад

Уязвимость метода confirm_login_allowed() программной платформы для веб-приложений Django, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-6188 django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.	CVSS3: 7.5	2% Низкий	больше 7 лет назад
CVE-2018-6188 django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.	CVSS3: 5.3	2% Низкий	больше 7 лет назад
CVE-2018-6188 django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.	CVSS3: 7.5	2% Низкий	больше 7 лет назад
CVE-2018-6188 django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0. ...	CVSS3: 7.5	2% Низкий	больше 7 лет назад
GHSA-rf4j-j272-fj86 Django vulnerable to information leakage in AuthenticationForm	CVSS3: 7.5	2% Низкий	больше 6 лет назад
BDU:2024-09053 Уязвимость метода confirm_login_allowed() программной платформы для веб-приложений Django, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным	CVSS3: 7.5	2% Низкий	почти 7 лет назад

Уязвимостей на страницу