EPSS
Percentile
52.1%
django_nopassword is vulnerable to information disclosure. The vulnerability exists because it stores the sensitive login codes in the database and compares the codes in plaintext formats at the time of login.
github.com/relekang/django-nopassword/blob/8e8cfc765ee00adfed120c2c79bf71ef856e9022/nopassword/models.py#L14
github.com/relekang/django-nopassword/commit/d8b4615f5fbfe3997d96cf4cb3e342406396193c
github.com/relekang/django-nopassword/compare/v4.0.1...v5.0.0