Django Two Factor Authentication
1 CVEs
product
Monthly
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable.
Python
RCE
Redis
Django Two Factor Authentication
NVD
GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15105
PyPI
EPSS 1%
CVSS 5.4
MEDIUM
PATCH
This Month
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable.
Python
RCE
Redis
+1
NVD
GitHub