CVE-2024-28865

Published March 18th, 2024

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

django-wiki is a wiki system for Django. Installations of django-wiki prior to version 0.10.1 are vulnerable to maliciously crafted article content that can cause severe use of server CPU through a regular expression loop. Version 0.10.1 fixes this issue. As a workaround, close off access to create and edit articles by anonymous users.

django-wiki/django-wiki

A wiki system with complex functionality for simple integration and a superb interface. Store your knowledge with style: Use django models.

GitHub

1.92K