Lucene search

K
cvelistMitreCVELIST:CVE-2021-45116
HistoryJan 04, 2022 - 11:12 p.m.

CVE-2021-45116

2022-01-0423:12:43
mitre
www.cve.org
9
django
information disclosure
dictsort filter

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

53.9%

An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language’s variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.