Description
An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
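The defensive pattern for this class of issue is to check the input length before calling the normalizer, so the cost of NFKC is bounded by the field limit rather than by the size of the submitted value. The following is an added example, not Django's own code; the function names, the exception class and the 150-character limit are assumptions made for illustration.

```python
import unicodedata

# Assumed limit for this example; adjust to the username field's max_length.
MAX_USERNAME_LENGTH = 150


class UsernameTooLong(ValueError):
    """Raised when a username exceeds the limit before or after NFKC."""


def normalize_username(raw, max_length=MAX_USERNAME_LENGTH):
    """Return the NFKC form of raw, refusing over-length input first.

    The length test runs before unicodedata.normalize(), so the normalizer
    never sees more than max_length characters.
    """
    if not isinstance(raw, str):
        raise TypeError("username must be str")
    # Cheap check: over-length input is never handed to the normalizer.
    if len(raw) > max_length:
        raise UsernameTooLong(
            f"{len(raw)} characters submitted, limit is {max_length}"
        )
    normalized = unicodedata.normalize("NFKC", raw)
    # NFKC can expand text (U+00BD becomes three characters), so re-check.
    if len(normalized) > max_length:
        raise UsernameTooLong("username exceeds limit after normalization")
    return normalized


def check(raw):
    """Return the normalized username, or the rejection reason as text."""
    try:
        return normalize_username(raw)
    except UsernameTooLong as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = ["\ufb00oo", "\u00bd" * 100, "\u0301" * 1_000_000]
    for sample in samples:
        print(len(sample), "->", check(sample))
```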
Remediation
References