Mezzanine allows attackers to bypass access controls via manipulating the Host header
An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header.
An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header.
An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request.
Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the Description field of the component admin/blog/blogpost/add/. This issue is different than CVE-2018-16632.