Lucene search
K

4 matches found

OSV
OSV
added 2026/04/30 6:30 a.m.5 views

GHSA-QP2C-XQV6-PHH6 django-mdeditor is Missing Authentication for Critical Function

All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file...

7.1CVSS6.3AI score0.00308EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/04/30 6:30 a.m.10 views

django-mdeditor is Missing Authentication for Critical Function

All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file...

9.8CVSS6.3AI score0.00308EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/04/30 5:0 a.m.12 views

CVE-2025-13030

CVE-2025-13030 affects the django-mdeditor package. All versions are vulnerable to Missing Authentication for Critical Function in the image upload endpoint, allowing an attacker to upload malicious files and achieve arbitrary code execution due to lack of authentication and improper sanitisation...

9.8CVSS6.3AI score0.00308EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.4 views

PT-2026-36039

Name of the Vulnerable Software and Affected Versions django-mdeditor affected versions not specified Description The image upload endpoint lacks authentication protection and proper sanitization of file names. This allows an attacker to upload malicious files and achieve arbitrary code execution...

9.8CVSS6AI score0.00308EPSS
Exploits0References12
Rows per page
Query Builder