DEBIAN-CVE-2013-0305

DEBIAN-CVE-2013-0305 PUBLISHED

The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information.

Affected Products

Vendor	Product	Versions
Debian:14	python-django	0, 0, 0
Debian:11	python-django	0, 0, 0
Debian:12	python-django	0, 0, 0
Debian:13	python-django	0, 0, 0

Timeline

May 2, 2013 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2013-0305 advisory

Open in Interactive Console →