1 results (0.001 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

django-markupfield before 1.3.2 uses the default docutils RESTRUCTUREDTEXT_FILTER_SETTINGS settings, which allows remote attackers to include and read arbitrary files via unspecified vectors. django-markupfield anterior a 1.3.2 utiliza las configuraciones de docutils RESTRUCTUREDTEXT_FILTER_SETTINGS por defecto, lo que permite a atacantes remotos incluir y leer ficheros arbitrarios a través de vectores no especificados. • http://www.debian.org/security/2015/dsa-3230 https://github.com/jamesturk/django-markupfield/blob/master/CHANGELOG • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •