Information Exposure Affecting django package, versions [,1.3.6) [1.4,1.4.4)
Snyk CVSS
Attack Complexity
Low
Threat Intelligence
EPSS
0.13% (48th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-DJANGO-40172
- published 21 Mar 2013
- disclosed 21 Mar 2013
- credit Orange Tsai
Introduced: 21 Mar 2013
CVE-2013-0305 Open this link in a new tabOverview
django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design.
Affected versions of this package are vulnerable to Information Exposure. The administrative interface did not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information.