Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your Django error reports, an attacker could discover your ANYMAIL_WEBHOOK setting and use this to post fabricated or malicious Anymail tracking/inbound events to your app. This vulnerability appears to have been fixed in v1.4.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Anymail django-anymail 安全漏洞
Vulnerability Description
Anymail django-anymail是一套将多个事务型电子邮件服务提供程序集成到Django中的开源电子邮件系统。 Anymail django-anymail 0.2版本至1.3版本中的WEBHOOK_AUTHORIZATION设置值存在安全漏洞。攻击者可利用该漏洞伪造邮件跟踪事件,获取ANYMAIL_WEBHOOK的设置信息。
CVSS Information
N/A
Vulnerability Type
N/A