CVE-2016-10321
Published
CVSS v3
N/A
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks.
Free and open source full-stack enterprise framework for agile development of secure database-driven web-based applications, written and programmable in Python.
GitHub