Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown
CVE-2018-6188
Disclosure Date: February 05, 2018 (last updated October 06, 2023)
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.
0
