7 matches found
CVE-2023-45809
| creationtimestamp | type | source |
|---|---|---|
| 2023-10-19 22:34:39+00:00 | seen | https://t.me/cibsecurity/72599... |
coderedcms (>=2.0.0 <=2.1.4), puput (=1.2.0) +31 more potentially affected by CVE-2023-45809 via wagtail (>=4.2.4 <=5.0.0rc1)
wagtail PYPI version =4.2.4, =2.0.0, =0.1.0, =0.3.4, =0.0.1, =1.6.0, =0.18.0, =0.19.2 - wagtail-hallo =0.3.0 - wagtail-images-deduplicator =1.0.0a1 and more Source cves: CVE-2023-45809 Source advisory: OSV:PYSEC-2023-219...
wagtail-liveedit (=0.0.8) potentially affected by CVE-2023-45809 via wagtail (=5.1.2)
wagtail PYPI version =5.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on wagtail and may be impacted: - wagtail-liveedit =0.0.8 Source cves: CVE-2023-45809 Source advisory: OSV:PYSEC-2023-219...
CVE-2023-45809
Vulnerability: Wagtail CMS (Django) exposes display names of user accounts via the admin bulk actions view when accessed by a limited-permission editor. Root cause: error messages disclose user display names; by tweaking URL parameters, an editor who cannot make changes can retrieve any user’s display name....
CVE-2023-45809 Disclosure of user names via admin bulk action views in wagtail
Wagtail is an open source content management system built on Django. A user with a limited-permission editor account for the Wagtail admin can make a direct URL request to the admin view that handles bulk actions on user accounts. While authentication rules prevent the user from making any change...
coderedcms (>=2.0.0 <=2.1.4), puput (=1.2.0) +31 more potentially affected by CVE-2023-45809 via wagtail (>=4.2.4 <=5.0.0rc1)
wagtail PYPI version =4.2.4, =2.0.0, =0.1.0, =0.3.4, =0.0.1, =1.6.0, =0.18.0, =0.19.2 - wagtail-hallo =0.3.0 - wagtail-images-deduplicator =1.0.0a1 and more Source cves: CVE-2023-45809 Source advisory: OSV:GHSA-FC75-58R8-RM3H...
aimmo (>=0.57.1 <=1.3.1b671), cfl-common (>=4.3.0 <=5.26.7) +116 more potentially affected by CVE-2023-45809 via wagtail (>=1.0.0 <=4.0.4)
wagtail PYPI version =1.0.0, =0.57.1, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =0.1.29, =0.2.0, =2.0.3, =0.1.1, =0.2.4, =5.22.3, =10.2.9 and more Source cves: CVE-2023-45809 Source advisory: OSV:GHSA-FC75-58R8-RM3H...