7.4.1
12 years ago
11 days ago
Known vulnerabilities in the wagtail package. This does not include vulnerabilities belonging to this package’s dependencies.
| Vulnerability | Vulnerable Version |
|---|---|
| wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via revision comparisons. An attacker can gain unauthorized access to sensitive information by supplying the primary keys of two revisions to which they do not have edit permissions. How to fix Improper Handling of Insufficient Permissions or Privileges? Upgrade | [,7.0.7) [7.1rc1,7.3.2) [7.4rc1,7.4) |
| wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via the API for documents and images. A user with access to the API can access filenames and names of items in private collections by querying the API. How to fix Improper Handling of Insufficient Permissions or Privileges? Upgrade | [,7.0.7) [7.1rc1,7.3.2) [7.4rc1,7.4) |
| wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges when viewing page history. A user without edit permissions on a given page can access the history report for that page. How to fix Improper Handling of Insufficient Permissions or Privileges? Upgrade | [,7.0.7) [7.1rc1,7.3.2) [7.4rc1,7.4) |
| wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges on page copy. An attacker can gain unauthorized access to restricted page content by copying pages from areas they do not have permission to access into areas where they do have access. How to fix Improper Handling of Insufficient Permissions or Privileges? Upgrade | [,7.0.7) [7.1rc1,7.3.2) [7.4rc1,7.4) |
| wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges in the deletion of form submissions. A user can remove other users' form submissions without proper authorization by sending malicious requests. Note: This is only exploitable if the attacker has access to the admin interface. How to fix Improper Handling of Insufficient Permissions or Privileges? Upgrade | [,7.0.7) [7.1rc1,7.3.2) [7.4rc1,7.4) |