angler-fishThe Vulnerability History Project

[2.2.x] Fixed CVE-2019-19844 -- Used verified user email for password reset requests.

      Backport of 5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70 from master.

Co-Authored-By: Florian Apolloner <florian@apolloner.eu>
by Hunter the Chinook 2019-12-17 02:51:57 UTC
commit 4d334bea06cac63dc1272abcec545b85136cca0e
Django Fix CVE-2019-19844
django/contrib/auth/forms.py
+4 -20
docs/releases/1.11.27.txt
+2 -18
docs/releases/2.2.9.txt
+2 -18
tests/auth_tests/test_forms.py
-36
expand_less