Scaner-VS
CVE-2017-7233
Source: DEB · Severity: Medium


CVSS: 6.1 (Medium)
EPSS: 0.02 (p81)
Published: 2017-01-01
Updated: 2017-01-01
Description

Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

Tags: Pre-auth, XSS, Open redirect
CWE: CWE-601, CWE-79
CAPEC: CAPEC-63, CAPEC-85, CAPEC-178, CAPEC-209, CAPEC-588, CAPEC-591, CAPEC-592
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS 3.1 breakdown
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Changed (C)
Confidentiality Impact (C): Low (L)
Integrity Impact (I): Low (L)
Availability Impact (A): None (N)
Exploit indicators
EPSS: 0.024 (p81)
Known exploited (KEV): No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products (showing first 20 of 645)
Product                      Vendor    Status
SOAPpy                                 Tracked
SOAPpy                                 Tracked
ansiblerole-insights-client            Tracked
ansiblerole-insights-client            Tracked
candlepin                              Tracked
candlepin                              Tracked
createrepo_c                           Tracked
createrepo_c                           Tracked
foreman                                Tracked
foreman                                Tracked
foreman-bootloaders-redhat             Tracked
foreman-bootloaders-redhat             Tracked
foreman-installer                      Tracked
foreman-installer                      Tracked
foreman-proxy                          Tracked
foreman-proxy                          Tracked
foreman-selinux                        Tracked
foreman-selinux                        Tracked
gofer                                  Tracked
gofer                                  Tracked
Source databases: DEB, CVE, RED, UBU