Enviar #790286: liangliangyy DjangoBlog <= 2.1.0.0 Missing Authenticationinformación

Títuloliangliangyy DjangoBlog <= 2.1.0.0 Missing Authentication
DescripciónDjangoBlog through x.x.x.x allows unauthenticated cache purging via the /clean endpoint in blog/views.py. The endpoint clears the entire application cache without requiring any authentication. Repeated automated requests cause a cache stampede denial-of-service by forcing all application requests to bypass the cache and hit the database directly.
Fuente⚠️ https://github.com/3em0/cve_repo/blob/main/DjangoBlog/Vuln-4-Unauthenticated-Cache-Purge.md
Usuario
 Dem0 (UID 82596)
Sumisión2026-03-26 17:07 (hace 25 días)
Moderación2026-04-19 07:11 (24 days later)
EstadoAceptado
Entrada de VulDB358214 [liangliangyy DjangoBlog hasta 2.1.0.0 Clean Endpoint blog/views.py autenticación débil]
Puntos18

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!