Micropyramid: >> Django Crm Security Vulnerabilities
Multiple CSRF issues exist in MicroPyramid Django CRM 0.2.1 via /change-password-by-admin/, /api/settings/add/, /cases/create/, /change-password-by-admin/, /comment/add/, /documents/1/view/, /documents/create/, /opportunities/create/, and /login/.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-08-27
MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-09-05