Cross-Site Request Forgery Vulnerability in Geex-Arts Django-Jet OAuth Handler
CVE-2026-16216
Key Information:
- Vendor
Geex-arts
- Status
- Vendor
- CVE Published:
- 19 July 2026
Badges
What is CVE-2026-16216?
A vulnerability has been discovered in the OAuth Handler of Geex-Arts Django-Jet, affecting versions up to 1.0.8. This issue allows remote attackers to manipulate the handler and potentially execute cross-site request forgery attacks. Although the problem was reported early, the vendor has not taken action to address it. The availability of the exploit to the public increases the urgency for affected users to secure their systems against potential attacks.
Affected Version(s)
django-jet 1.0.0
django-jet 1.0.1
django-jet 1.0.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
