django-allauth@0.58.0 vulnerabilities
Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.
- latest version: 65.2.0
- latest non vulnerable version
- first published: 14 years ago
- latest version published: 17 days ago
- licenses detected
  - [0,)
Direct Vulnerabilities
Known vulnerabilities in the django-allauth package. This does not include vulnerabilities belonging to this package’s dependencies.
Vulnerability | Vulnerable Version |
---|---|
django-allauth is an integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper user input sanitization, allowing an attacker to exploit this vulnerability when configuring the Facebook provider to use the How to fix Cross-site Scripting (XSS)? Upgrade | [,0.63.6) |
django-allauth is an integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) in the SAML login flow. How to fix Cross-site Request Forgery (CSRF)? Upgrade | [,0.63.3) |