Description
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
Remediation
References
Related Vulnerabilities
WordPress Plugin Membership by Supsystic SQL Injection (1.4.7)
Apache Tomcat Other Vulnerability (CVE-2020-1938)
WordPress Plugin WP Easy Columns Cross-Site Scripting (2.1.3)
WordPress Plugin Zedity:The Easiest Way To Create Posts & Pages Cross-Site Scripting (2.5.0)
WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)