VYPR

PyPI package

django-crm

pkg:pypi/django-crm

Vulnerabilities (2)

  • CVE-2019-11457HigAug 27, 2019
    affected <= 0.2.1

    Multiple CSRF issues exist in MicroPyramid Django CRM 0.2.1 via /change-password-by-admin/, /api/settings/add/, /cases/create/, /change-password-by-admin/, /comment/add/, /documents/1/view/, /documents/create/, /opportunities/create/, and /login/.

  • CVE-2018-16552HigSep 5, 2018
    affected <= 0.2

    MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs.