PYSEC-2026-329 Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass
Summary Django-Unicorn is vulnerable to python class pollution vulnerability, a new type of vulnerability categorized under CWE-915. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting appropriate component requests and feedi...