Filtered by vendor Django-commons
Subscriptions
Filtered by product Django-unicorn
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-31815 | 1 Django-commons | 1 Django-unicorn | 2026-03-11 | 5.3 Medium |
| Unicorn adds modern reactive component functionality to your Django templates. Prior to 0.67.0, component state manipulation is possible in django-unicorn due to missing access control checks during property updates and method calls. An attacker can bypass the intended _is_public protection to modify internal attributes such as template_name or trigger protected methods. This vulnerability is fixed in 0.67.0. | ||||
Page 1 of 1.