← Back

Django Rest Registration

django-rest-registration

Vendor: Django Rest Registration Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-13177
1Django Rest Registration Project
1Django Rest Registration
Nov 21, 2024
Jul 2, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof t...Show more
verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to calling a security-critical function with an incorrect argument.Show less