← back
CVE-2021-45116

CVE-2021-45116

CVSS 7.5 HIGHEPSS 1.8%CWE-20
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 1.8%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
04 Jan 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →