django_mfa3 is vulnerable to authentication bypass. The vulnerability exists in admin.py
when django-mfa3 and django.contrib.admin are activated because the login review for admin area doesn’t support multi-factor authentication which allows an attacker to access admin login view.
CPE | Name | Operator | Version |
---|---|---|---|
django-mfa3 | le | 0.4.0 | |
django-mfa3 | le | 0.4.0 |