PT-2026-54837 · Wagtail · Wagtail
0X1Saac
·
Published
2026-07-01
·
Updated
2026-07-02
·
CVE-2026-54260
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Wagtail versions prior to 7.0.8
Wagtail versions prior to 7.3.3
Wagtail versions prior to 7.4.2
Description
An authenticated admin user can cause service degradation by triggering expensive rendition processing using purposefully crafted filter specs. This issue is limited to users with access to the admin interface and cannot be exploited by ordinary site visitors.
Recommendations
Update to version 7.0.8.
Update to version 7.3.3.
Update to version 7.4.2.
Fix
DoS
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wagtail