Pypi · Django-Mdeditor · CVE-2025-13030
**Name of the Vulnerable Software and Affected Versions**
django-mdeditor (affected versions not specified)
**Description**
The image upload endpoint lacks authentication protection and proper sanitization of file names. This allows an attacker to upload malicious files and achieve arbitrary code execution.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.