Lucene search

K
osvGoogleOSV:PYSEC-2015-7
HistoryJan 16, 2015 - 4:59 p.m.

PYSEC-2015-7

2015-01-1616:59:00
Google
osv.dev
7

0.027 Low

EPSS

Percentile

90.5%

ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.