Download
| Alert*
oval:org.secpod.oval:def:2103380
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive. oval:org.secpod.oval:def:113151 Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. oval:org.secpod.oval:def:704206 python-django: High-level Python web development framework Several security issues were fixed in Django. |