Description
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter.
Remediation
References