Closed nafod closed 9 years ago
Thanks to the virtualenv, you could force an old and known vulnerable version of some library to be installed. Also, could use the requirements.txt file to demonstrate the important of making sure systems are updated.
Django 1.7.4 has a DoS and XSS vuln associated with it:
http://www.cvedetails.com/cve/CVE-2015-2316/
https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
Should be good to go in master now
Thanks to the virtualenv, you could force an old and known vulnerable version of some library to be installed. Also, could use the requirements.txt file to demonstrate the important of making sure systems are updated.