Lucene search
+L

9 matches found

Packet Storm
Packet Storm
added 2024/04/15 12:0 a.m.510 views

Django REST Framework SimpleJWT 5.3.1 Information Disclosure

Exploit Title: djangorestframework-simplejwt 5.3.1 - Information Disclosure Date: 26/01/2024 Exploit Author: Dhrumil Mistry dmdhrumilmistry Vendor Homepage: https://github.com/jazzband/djangorestframework-simplejwt/ Software...

7.4AI score0.00804EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/04/15 12:0 a.m.324 views

djangorestframework-simplejwt 5.3.1 - Information Disclosure

Exploit Title: djangorestframework-simplejwt 5.3.1 - Information Disclosure Date: 26/01/2024 Exploit Author: Dhrumil Mistry dmdhrumilmistry Vendor Homepage: https://github.com/jazzband/djangorestframework-simplejwt/ Software...

5.5CVSS6.4AI score0.00804EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2024/03/16 6:23 p.m.35 views

CVE-2024-22513

A flaw was found in djangorestframework-simplejwt. Affected versions of this package are vulnerable to information disclosure. This flaw allows a user to access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6AI score0.00804EPSS
Exploits4References3
OSV
OSV
added 2024/03/16 7:15 a.m.9 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS5.2AI score0.00804EPSS
Exploits4References1
NVD
NVD
added 2024/03/16 7:15 a.m.18 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6AI score0.00804EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2024/03/16 12:0 a.m.22 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

6.7AI score0.00804EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/03/16 12:0 a.m.30 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

6.2AI score0.00804EPSS
Exploits4References1
CVE
CVE
added 2024/03/16 12:0 a.m.98 views

CVE-2024-22513

The CVE-2024-22513 vulnerability affects djangorestframework-simplejwt up to and including 5.3.1, where information disclosure can occur because the for_user validation path is missing for inactive users. Multiple connected advisories confirm the issue and link it to inactive-user access of resou...

5.5CVSS6AI score0.00804EPSS
Exploits4References1
Circl
Circl
added 2024/02/11 2:18 p.m.8 views

CVE-2024-22513

creationtimestamp| type| source ---|---|--- 2024-02-11 14:18:34+00:00| seen| https://t.me/arpsyndicate/3403 2024-03-16 08:21:54+00:00| seen| https://t.me/ctinow/209407 2024-03-16 08:26:37+00:00| seen| https://t.me/ctinow/209409 2024-03-16 19:31:52+00:00| seen| https://t.me/ctinow/209681...

5.5CVSS5.4AI score0.00804EPSS
Exploits4References4
Rows per page
Query Builder