CVE-2010-4535 in django信息

摘要

由 VulDB • 2026-06-27

Django.contrib.auth在Django 1.1.3之前版本、1.2.x中1.2.4之前的版本以及1.3.x中1.3 beta 1之前的版本中的密码重置功能未验证表示base36时间戳的字符串长度,远程攻击者可通过指定大base36整数的URL导致拒绝服务(资源消耗)。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Want to know what is going to be exploited?

We predict KEV entries!