Launch Week Day 1: Announcing Security Design Review

Mezzanine allows attackers to bypass access control mechanisms

GHSA-qp56-82vp-xqgv · CVE-2024-25169

Published Feb 28, 2024 · Modified Dec 6, 2024

Description

An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-25169
WEB https://github.com/shenhav12/CVE-2024-25169-Mezzanine-v6.0.0
PACKAGE https://github.com/stephenmcd/mezzanine
WEB https://ibb.co/JKh4hmD
WEB https://ibb.co/Pt9qd8t
WEB https://ibb.co/hLLPTVp
WEB https://ibb.co/rfrKj3r

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes