2 matches found
Wagtail has improper restriction handling on Documents and Images API
Impact The Documents and Images API incorrectly listed items in private collections. A user with access to the API could see the filename and name of documents and images in private collections. Patches Patched versions have been released as Wagtail 7.0.7 and 7.3.2. The new 7.4 LTS feature releas...
coderedcms (>=2.0.0 <=2.1.4), puput (=1.2.0) +31 more potentially affected by CVE-2023-45809 via wagtail (>=4.2.4 <=5.0.0rc1)
wagtail PYPI version =4.2.4, =2.0.0, =0.1.0, =0.3.4, =0.0.1, =1.6.0, =0.18.0, =0.19.2 - wagtail-hallo =0.3.0 - wagtail-images-deduplicator =1.0.0a1 and more Source cves: CVE-2023-45809 Source advisory: OSV:PYSEC-2023-219...