CVE Vulnerability
CVE-2019-11457
Multiple CSRF issues exist in MicroPyramid Django CRM 0.2.1 via /change-password-by-admin/, /api/settings/add/, /cases/create/, /change-password-by-admin/, /comment/add/, /documents/1/view/, /documents/create/, /opportunities/create/, and /login/.
References
| Link | Resource |
|---|---|
| https://www.netsparker.com/blog/web-security/ | Third Party Advisory |
| http://packetstormsecurity.com/files/154219/Django-CRM-0.2.1-Cross-Site-Request-Forgery.html | Third Party Advisory VDB Entry |
| http://seclists.org/fulldisclosure/2019/Aug/30 | Mailing List Third Party Advisory |
Configurations
Configuration 1
|
Information
Published : 2019-08-27 03:15
Updated : 2019-10-09 11:45
NVD link : CVE-2019-11457
Mitre link : CVE-2019-11457
Products Affected
No products.
CWE