Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Django 安全漏洞
Vulnerability Description
Django是Django基金会的一套基于Python语言的开源Web应用框架。该框架包括面向对象的映射器、视图系统、模板系统等。 Django v5.1.1版本、v5.0.9版本和v4.2.16版本存在安全漏洞。攻击者利用该漏洞通过发送密码重置请求来枚举用户电子邮件地址。
CVSS Information
N/A
Vulnerability Type
N/A