CVE-2007-0405 (retired)

Priority
Description
The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not
properly cache the user name across requests, which allows remote
authenticated users to gain the privileges of a different user.
Package
Upstream:released (0.95.1)
More Information

Updated: 2019-03-26 11:39:14 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)