CVE-2021-21416 – Potential sensitive information disclosed in error reports

https://notcve.org/view.php?id=CVE-2021-21416

01 Apr 2021 — django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web framework. In django-registration prior to 3.1.2, the base user-account registration view did not properly apply filters to sensitive data, with the result that sensitive data could be included in error reports rather than removed automatically by Django. Triggering this requires: A site is using django-registration < 3.1.2, The site... • https://github.com/ubernostrum/django-registration/security/advisories/GHSA-58c7-px5v-82hh • CWE-209: Generation of Error Message Containing Sensitive Information •