angler-fishThe Vulnerability History Project

[1.11.x] Fixed CVE-2019-19844 -- Used verified user email for password reset requests.

      Backport of 5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70 from master.

Co-Authored-By: Florian Apolloner <florian@apolloner.eu>
by Hunter the Chinook 2019-12-17 02:51:57 UTC
commit f4cff43bf921fcea6a29b726eb66767f67753fa2
Django Fix CVE-2019-19844
django/contrib/auth/forms.py
+4 -26
docs/releases/1.11.27.txt
+2 -18
tests/auth_tests/test_forms.py
-42
expand_less