Launch Week Day 1: Announcing Security Design Review

Deserialization of Untrusted Data in Tendenci

GHSA-jqmc-fxxp-r589 · CVE-2020-14942 · PYSEC-2020-112

Published Jun 18, 2021 · Modified Feb 4, 2026

Description

Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes