CVE-2024-25169

Description

An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request.

Affected packages (1)

• PyPI/mezzaninefrom 0, <= 6.0.0

References (7)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-25169
• PATCHhttps://github.com/stephenmcd/mezzanine
• WEBhttps://github.com/shenhav12/CVE-2024-25169-Mezzanine-v6.0.0
• WEBhttps://ibb.co/hLLPTVp
• WEBhttps://ibb.co/JKh4hmD
• WEBhttps://ibb.co/Pt9qd8t
• WEBhttps://ibb.co/rfrKj3r