Django Hashed Passwords Disclosure VulnerabilityOctober 3, 2018 am31 1:52 am

A vulnerability in Django could allow an authenticated, remote attacker to access sensitive information on a targeted system.

The vulnerability is due to insufficient security restrictions imposed by the affected software. An attacker with administrator privileges and view-only permissions could exploit this vulnerability. A successful exploit could allow an attacker to view a targeted user’s hashed password on a targeted system.

The Django Software Foundation confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2018-16984

%d bloggers like this: