Mezzanine@6.0.0 vulnerabilities

An open source content management platform built using the Django framework.

Known vulnerabilities in the Mezzanine package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Authentication Bypass Using an Alternate Path or Channel Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel due to the manipulation of the `Host` header. An attacker can bypass access controls by crafting malicious `Host` header values. How to fix Authentication Bypass Using an Alternate Path or Channel? There is no fixed version for `Mezzanine`.	[0,)
M Cross-site Request Forgery (CSRF) Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the admin panel. How to fix Cross-site Request Forgery (CSRF)? There is no fixed version for `Mezzanine`.	[0,)
M Cross-site Scripting (XSS) Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows remote attackers to execute arbitrary code via the `Description` field of the component `admin/blog/blogpost/add/`. How to fix Cross-site Scripting (XSS)? There is no fixed version for `Mezzanine`.	[0,)