django_mfa3 is vulnerable to authentication bypass. The vulnerability exists in admin.py
when django-mfa3 and django.contrib.admin are activated because the login review for admin area doesn’t support multi-factor authentication which allows an attacker to access admin login view.