Django Password Reset Mechanism Remote Denial of Service Vulnerability

Django is prone to a denial-of-service vulnerability because it fails to validate certain input while resetting a password.

Exploiting this issue allows remote attackers to consume excessive server resources, causing denial-of-service conditions.

Versions prior to Django 1.2.4, 1.1.3, and 1.3 beta 1 are vulnerable.


 

Copyright 2010, SecurityFocus