Ubuntu Security Update USN-6722-1: Django vulnerability

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,780
Reaction score
94
Credits
-1,257
Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts.

Continue reading...
 


Follow Linux.org

Staff online

Members online


Latest posts

Top