
Yourcelf

#27882 of 53,619
9.1 Total CVSS
Vulnerabilities · 1
PT-2018-9268
9.1
2018-03-13
Django · Django-Anymail · CVE-2018-1000089
Name of the Vulnerable Software and Affected Versions: django-anymail versions 0.2 through 1.3

Description: The issue is related to the WEBHOOK_AUTHORIZATION setting value, which can be exploited by an attacker with access to error logs to fabricate email tracking events. This can happen if Django error reports are exposed, allowing an attacker to discover the ANYMAIL WEBHOOK setting and post fabricated or malicious Anymail tracking/inbound events to the application.

Recommendations: For django-anymail versions 0.2 through 1.3, update to version 1.4 or later to resolve the issue.