PYSEC-2017-11

2017-08-1818:29:00

Google

osv.dev

0.002 Low

EPSS

Percentile

61.4%

JSON

Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors.

CPENameOperatorVersion
django-cmseq3.0.12
django-cmseq3.0.7
django-cmseq3.0.3
django-cmseq3.0.13
django-cmseq2.3.3
django-cmseq2.0.2
django-cmseq3.0.4
django-cmseq2.3.2
django-cmseq3.0.6
django-cmseq2.2.1

Name	Operator	Version
django-cms	eq	3.0.12
django-cms	eq	3.0.7
django-cms	eq	3.0.3
django-cms	eq	3.0.13
django-cms	eq	2.3.3
django-cms	eq	2.0.2
django-cms	eq	3.0.4
django-cms	eq	2.3.2
django-cms	eq	3.0.6
django-cms	eq	2.2.1