Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/29 3:48 p.m.11 views

CVE-2025-48383

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data...

8.2CVSS6.7AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2025/05/27 3:15 p.m.16 views

CVE-2025-48383

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data...

8.2CVSS0.00262EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/05/27 3:15 p.m.5 views

CVE-2025-48383

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data...

8.2CVSS5.7AI score0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/27 3:3 p.m.23 views

CVE-2025-48383 Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data...

8.2CVSS0.00262EPSS
Exploits0References2
CVE
CVE
added 2025/05/27 3:3 p.m.73 views

CVE-2025-48383

The CVE-2025-48383 issue affects Django-Select2: HeavySelect2Mixin subclasses (notably ModelSelect2MultipleWidget and ModelSelect2Widget) can leak secret access tokens across requests, enabling access to restricted query sets/data. The vulnerability is mitigated in version 8.4.1 and later. No exp...

8.2CVSS6.8AI score0.00262EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/27 3:3 p.m.17 views

CVE-2025-48383 Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data...

8.2CVSS6.8AI score0.00262EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/05/27 3:3 p.m.8 views

CVE-2025-48383

Django-Select2 is a Django integration for Select2. Prior to version 8.4.1, instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can leak secret access tokens across requests. This can allow users to access restricted query sets and restricted data...

8.2CVSS5.2AI score0.00262EPSS
Exploits0
Rows per page
Query Builder