django-newsletter@0.2.5 vulnerabilities

Django app for managing multiple mass-mailing lists with both plaintext and HTML templates (and pluggable WYSIWYG editors for messages), images and a smart queueing system, all right from the admin interface.

Direct Vulnerabilities

Known vulnerabilities in the django-newsletter package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • M
Authorization Bypass

django-newsletter is a Newsletter application for the Django web framework.

Affected versions of this package are vulnerable to Authorization Bypass. A user can change their email address without confirmation by receiving an update URL via email, accessing the form and changing the email address.

How to fix Authorization Bypass?

Upgrade django-newsletter to version 0.7 or higher.

Vulnerable versions: [,0.7)