Safety vulnerability ID: 33111
The information on this page was manually curated by our Cybersecurity Intelligence Team.
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information.
Latest version: 5.1.4
A high-level Python web framework that encourages rapid development and clean, pragmatic design.
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information.
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application