High severity8.8NVD Advisory· Published Aug 18, 2017· Updated Jun 17, 2026
CVE-2015-5081
CVE-2015-5081
Description
Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
django-cmsPyPI | < 3.0.14 | 3.0.14 |
django-cmsPyPI | >= 3.1.0b1, < 3.1.1 | 3.1.1 |
Affected products
3cpe:2.3:a:django-cms:django_cms:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:django-cms:django_cms:*:*:*:*:*:*:*:*range: <=3.0.13
- cpe:2.3:a:django-cms:django_cms:3.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
8- www.openwall.com/lists/oss-security/2015/06/28/1nvdMailing ListThird Party AdvisoryWEB
- github.com/advisories/GHSA-2pqc-gv8q-pvqvghsaADVISORY
- github.com/divio/django-cms/commit/f77cbc607d6e2a62e63287d37ad320109a2cc78anvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2015-5081ghsaADVISORY
- www.django-cms.org/en/blog/2015/06/27/311-3014-release/nvdRelease NotesVendor Advisory
- github.com/django-cms/django-cms/commit/f77cbc607d6e2a62e63287d37ad320109a2cc78aghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/django-cms/PYSEC-2017-11.yamlghsaWEB
- www.django-cms.org/en/blog/2015/06/27/311-3014-releaseghsaWEB
News mentions
0No linked articles in our index yet.