CVE-2026-44198
Wagtail: Improper permission handling when viewing page history
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could still access the history report for the page, potentially resulting in disclosure of sensitive information. This vulnerability is fixed in 7.0.7, 7.3.2, and 7.4.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
wagtail · wagtailQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →