PT-2021-14491 · Unknown +2 · Django-Rest-Registration +2

Name of the Vulnerable Software and Affected Versions: django-registration versions prior to 3.1.2 Description: The django-registration package has an issue where the base user-account registration view does not properly apply filters to sensitive data. This can result in sensitive data being...

Authentication flaw

The registration view /user/register in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttributedatauserlogin30, ContentObjectAttributedatauserpassword30, and other...