Skip to main content

Product Released in Non-Release Configuration

CVE-2023-5457

Severity High
Score 7.5/10

Summary

A CWE-1269 "Product Released in Non-Release Configuration" vulnerability in the Django web framework used by the web application (due to the "debug" configuration parameter set to "True") allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects all versions of Django if and only if the user makes the debug configuration to "True".

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • NONE

CWE-1269 - Product Released in Non-Release Configuration

The product released to market is released in pre-production or manufacturing configuration.

Advisory Timeline

  • Published