CRITICAL 9.8
PYSEC-2026-573
wger vulnerable to brute force attempts
Details
Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-2650 [ADVISORY]
- https://github.com/wger-project/wger/commit/5e3167e3a2dc95836fa2607fe201524c031a2c4c [WEB]
- https://github.com/wger-project/wger [PACKAGE]
- https://huntr.dev/bounties/f0d85efa-4e78-4b1d-848f-edea115af64b [WEB]
- https://pypi.org/project/wger [PACKAGE]
- https://github.com/advisories/GHSA-gr58-76rp-mmg4 [ADVISORY]