Vulnerability-Lookup

CVE-2017-7233 (GCVE-0-2017-7233)

Vulnerability from cvelistv5 – Published: 2017-04-04 17:00 – Updated: 2024-08-05 15:56

Summary

Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

PYSEC-2017-9

Vulnerability from pysec - Published: 2017-04-04 17:59 - Updated: 2021-07-05 00:01

Details

Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely django.utils.http.is_safe_url()) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on is_safe_url() to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

Impacted products

Name	purl
django	pkg:pypi/django

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "django",
        "purl": "pkg:pypi/django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.10"
            },
            {
              "fixed": "1.10.7"
            },
            {
              "introduced": "1.9"
            },
            {
              "fixed": "1.9.13"
            },
            {
              "introduced": "1.8"
            },
            {
              "fixed": "1.8.18"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.10",
        "1.10.1",
        "1.10.2",
        "1.10.3",
        "1.10.4",
        "1.10.5",
        "1.10.6",
        "1.8",
        "1.8.1",
        "1.8.10",
        "1.8.11",
        "1.8.12",
        "1.8.13",
        "1.8.14",
        "1.8.15",
        "1.8.16",
        "1.8.17",
        "1.8.2",
        "1.8.3",
        "1.8.4",
        "1.8.5",
        "1.8.6",
        "1.8.7",
        "1.8.8",
        "1.8.9",
        "1.9",
        "1.9.1",
        "1.9.10",
        "1.9.11",
        "1.9.12",
        "1.9.2",
        "1.9.3",
        "1.9.4",
        "1.9.5",
        "1.9.6",
        "1.9.7",
        "1.9.8",
        "1.9.9"
      ]
    }
  ],
  "aliases": [
    "CVE-2017-7233",
    "GHSA-37hp-765x-j95x"
  ],
  "details": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
  "id": "PYSEC-2017-9",
  "modified": "2021-07-05T00:01:20.658989Z",
  "published": "2017-04-04T17:59:00Z",
  "references": [
    {
      "type": "ARTICLE",
      "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97406"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038177"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2017/dsa-3835"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2017:3093"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2017:1596"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2017:1470"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2017:1462"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2017:1451"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2017:1445"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-37hp-765x-j95x"
    }
  ]
}

CNVD-2017-10817

Vulnerability from cnvd - Published: 2017-06-23

Title

Django 'django.contrib.auth.views.login()'函数开放重定向漏洞

Description

Django是Django软件基金会的一套基于Python语言的开源Web应用框架。该框架包括面向对象的映射器、视图系统、模板系统等。 Django 'django.contrib.auth.views.login()'函数存在开放重定向漏洞，该漏洞源于程序未能正确验证用户提供的输入。攻击者可利用该漏洞通过构造一个特制的URI并诱导用户点击该链接，将用户重定向到攻击者控制的网站，导致网络钓鱼攻击和其他攻击。

Severity

中

Patch Name

Django 'django.contrib.auth.views.login()'函数开放重定向漏洞的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://www.djangoproject.com/weblog/2017/apr/04/security-releases/

Reference

http://www.securityfocus.com/bid/97406 https://nvd.nist.gov/vuln/detail/CVE-2017-7233

Impacted products

Name
['Django Django 1.10，<1.10.7', 'Django Django 1.9，<1.9.13', 'Django Django 1.8，<1.8.18']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "97406"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-7233",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233"
    }
  },
  "description": "Django\u662fDjango\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8ePython\u8bed\u8a00\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\u3002\u8be5\u6846\u67b6\u5305\u62ec\u9762\u5411\u5bf9\u8c61\u7684\u6620\u5c04\u5668\u3001\u89c6\u56fe\u7cfb\u7edf\u3001\u6a21\u677f\u7cfb\u7edf\u7b49\u3002\r\n\r\nDjango \u0027django.contrib.auth.views.login()\u0027\u51fd\u6570\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6784\u9020\u4e00\u4e2a\u7279\u5236\u7684URI\u5e76\u8bf1\u5bfc\u7528\u6237\u70b9\u51fb\u8be5\u94fe\u63a5\uff0c\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u653b\u51fb\u8005\u63a7\u5236\u7684\u7f51\u7ad9\uff0c\u5bfc\u81f4\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u548c\u5176\u4ed6\u653b\u51fb\u3002",
  "discovererName": "Django",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://www.djangoproject.com/weblog/2017/apr/04/security-releases/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-10817",
  "openTime": "2017-06-23",
  "patchDescription": "Django\u662fDjango\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8ePython\u8bed\u8a00\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\u3002\u8be5\u6846\u67b6\u5305\u62ec\u9762\u5411\u5bf9\u8c61\u7684\u6620\u5c04\u5668\u3001\u89c6\u56fe\u7cfb\u7edf\u3001\u6a21\u677f\u7cfb\u7edf\u7b49\u3002\r\n\r\nDjango \u0027django.contrib.auth.views.login()\u0027\u51fd\u6570\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6784\u9020\u4e00\u4e2a\u7279\u5236\u7684URI\u5e76\u8bf1\u5bfc\u7528\u6237\u70b9\u51fb\u8be5\u94fe\u63a5\uff0c\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u653b\u51fb\u8005\u63a7\u5236\u7684\u7f51\u7ad9\uff0c\u5bfc\u81f4\u7f51\u7edc\u9493\u9c7c\u653b\u51fb\u548c\u5176\u4ed6\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Django \u0027django.contrib.auth.views.login()\u0027\u51fd\u6570\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Django Django 1.10\uff0c\u003c1.10.7",
      "Django Django 1.9\uff0c\u003c1.9.13",
      "Django Django 1.8\uff0c\u003c1.8.18"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/97406\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-7233",
  "serverity": "\u4e2d",
  "submitTime": "2017-05-24",
  "title": "Django \u0027django.contrib.auth.views.login()\u0027\u51fd\u6570\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}

GHSA-37HP-765X-J95X

Vulnerability from github – Published: 2019-01-04 17:50 – Updated: 2024-09-18 16:08

Summary

Django open redirect and possible XSS attack via user-supplied numeric redirect URLs

Details

Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely django.utils.http.is_safe_url()) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on is_safe_url() to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

Severity ?

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

5.3 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "Django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.10a1"
            },
            {
              "fixed": "1.10.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "Django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.9a1"
            },
            {
              "fixed": "1.9.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "Django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.8a1"
            },
            {
              "fixed": "1.8.18"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-7233"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-601"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T20:54:21Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
  "id": "GHSA-37hp-765x-j95x",
  "modified": "2024-09-18T16:08:51Z",
  "published": "2019-01-04T17:50:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7233"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/254326cb3682389f55f886804d2c43f7b9f23e4f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/8339277518c7d8ec280070a780915304654e3b66"
    },
    {
      "type": "WEB",
      "url": "https://github.com/django/django/commit/f824655bc2c50b19d2f202d7640785caabc82787"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1445"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1451"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1462"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1470"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1596"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:3093"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-37hp-765x-j95x"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/django/django"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2017-9.yaml"
    },
    {
      "type": "WEB",
      "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3835"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Django open redirect and possible XSS attack via user-supplied numeric redirect URLs"
}

FKIE_CVE-2017-7233

Vulnerability from fkie_nvd - Published: 2017-04-04 17:59 - Updated: 2025-04-20 01:37

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
cve@mitre.org	http://www.debian.org/security/2017/dsa-3835
cve@mitre.org	http://www.securityfocus.com/bid/97406	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1038177
cve@mitre.org	https://access.redhat.com/errata/RHSA-2017:1445
cve@mitre.org	https://access.redhat.com/errata/RHSA-2017:1451
cve@mitre.org	https://access.redhat.com/errata/RHSA-2017:1462
cve@mitre.org	https://access.redhat.com/errata/RHSA-2017:1470
cve@mitre.org	https://access.redhat.com/errata/RHSA-2017:1596
cve@mitre.org	https://access.redhat.com/errata/RHSA-2017:3093
cve@mitre.org	https://access.redhat.com/errata/RHSA-2018:2927
cve@mitre.org	https://www.djangoproject.com/weblog/2017/apr/04/security-releases/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2017/dsa-3835
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97406	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038177
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2017:1445
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2017:1451
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2017:1462
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2017:1470
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2017:1596
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2017:3093
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2927
af854a3a-2127-422b-91ae-364da2661108	https://www.djangoproject.com/weblog/2017/apr/04/security-releases/	Vendor Advisory

Impacted products

Vendor	Product	Version
djangoproject	django	1.8.0
djangoproject	django	1.8.0
djangoproject	django	1.8.0
djangoproject	django	1.8.0
djangoproject	django	1.8.0
djangoproject	django	1.8.1
djangoproject	django	1.8.2
djangoproject	django	1.8.3
djangoproject	django	1.8.4
djangoproject	django	1.8.5
djangoproject	django	1.8.6
djangoproject	django	1.8.7
djangoproject	django	1.8.8
djangoproject	django	1.8.9
djangoproject	django	1.8.10
djangoproject	django	1.8.11
djangoproject	django	1.8.12
djangoproject	django	1.8.13
djangoproject	django	1.8.14
djangoproject	django	1.8.15
djangoproject	django	1.8.16
djangoproject	django	1.8.17
djangoproject	django	1.9
djangoproject	django	1.9
djangoproject	django	1.9
djangoproject	django	1.9
djangoproject	django	1.9
djangoproject	django	1.9.1
djangoproject	django	1.9.2
djangoproject	django	1.9.3
djangoproject	django	1.9.4
djangoproject	django	1.9.5
djangoproject	django	1.9.6
djangoproject	django	1.9.7
djangoproject	django	1.9.8
djangoproject	django	1.9.9
djangoproject	django	1.9.10
djangoproject	django	1.9.11
djangoproject	django	1.9.12
djangoproject	django	1.10.0
djangoproject	django	1.10.0
djangoproject	django	1.10.0
djangoproject	django	1.10.0
djangoproject	django	1.10.1
djangoproject	django	1.10.2
djangoproject	django	1.10.3
djangoproject	django	1.10.4
djangoproject	django	1.10.5
djangoproject	django	1.10.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02D3C0FF-C342-40F1-A187-CD212C16FE8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "85ED1834-500C-4E37-BD51-E42DB28F3B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3323E-6AC0-4703-A3A4-A429946B0839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "7AB300FB-2A7D-498E-891D-E75DCA9ED7A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:c1:*:*:*:*:*:*",
              "matchCriteriaId": "1AC1822A-A7FE-4F38-BD5A-74388A5405D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2510BAD7-1FB6-4F6F-A2CC-9DE9AD39B4FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B388C7-ED4E-4416-969F-32263E7D7AA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D36984-4C8E-4CDB-8D15-445705FCECF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B324AE6-ADD8-41B9-B250-A6577ACBB364",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6487058-6768-4AD3-BE27-A0B3D1ACFC08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CFF0538-B111-44A8-ADC2-87E280186257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3343FF8-53EC-459D-B31C-CD363D04FF42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9B637E9-067A-4473-9B50-433CCC177982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A5BF6D-631B-4C8E-9868-579BD79100C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "280B9958-9163-4126-910A-2EF4B408DFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A40373B-301E-4B81-8FA5-28D916142F59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "79BB3174-7859-4195-B7B3-BCAA280A6F80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "42EF41AF-B2FA-468A-B161-D9FE29CE53EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "48DF0100-F98E-4997-A8F7-DC07FA4A06D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECDC5647-8EA7-4595-88C2-541BC489ED2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB571E66-C1B2-4FFD-8265-FB381CF4ACE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49F25DA-CD52-49A9-B5BE-63FD399A9813",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "29C40BAC-6DF3-4EA2-A65A-86462DDD8723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:a1:*:*:*:*:*:*",
              "matchCriteriaId": "0B4797F9-82E9-4BA8-868D-C6F18BA01DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:b1:*:*:*:*:*:*",
              "matchCriteriaId": "E885D945-FB55-47F4-AA6B-462AFBDAD750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "48BD4296-E83B-4563-9A39-70C95EEAA337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "F63D8C0A-D93E-4A1F-A8F8-D22314771AD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B754401-8503-4553-853F-4F6BCD2D2FF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "019C26C7-EF1F-45BB-934E-521E2E64452E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18691A7-E4D0-48A4-81A7-89846E991AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C06EBD9-381E-4018-BFDC-E23EA18097B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D134048-B64F-45AE-B4A2-26E516CCF37B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39B83A-C10B-4B88-9491-2FB8B07D6EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "64A4030E-F51F-4944-BCE7-E27CD32EC7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC1F046-DAF7-4734-9F80-A3C57857AF18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "61EE8536-0E8D-477A-B8EA-817CE21D516A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "483D0F44-15C8-43A2-B3AE-331F40DA1A80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD33E383-2772-4F79-A2C9-4F9EB8FBC8EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D82BAD-B2AE-49FB-AF71-393631D2B29C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D2541CE-0462-46DF-BDD8-C19D6E45140B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "1763E8EB-F943-4A9A-8E19-E6BE9F847DDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "48E20213-67BB-4A16-B961-502BA4E54A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "3C71C2E3-C134-45B0-BDDC-FFE7612AB1EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE31960-7C68-42F3-B215-B30A87DB67CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3838B8E-8F0E-4F7A-88E6-FFF2590E5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6C6214-7946-4025-84E6-59448CFE75B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "58182835-CB1F-4490-AE65-90601DBFD0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AE04CD-E923-4630-9BAA-5A4D5A5D0055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2517FB1C-B732-432B-9F27-EE60F6556433",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack."
    },
    {
      "lang": "es",
      "value": "Django 1.10 en versiones anteriores a 1.10.7, 1.9 en versiones anteriores a 1.9.13, y 1.8 en versiones anteriores a 1.8.18 se basa en la entrada del usuario en algunos casos para redirigir al usuario a una URL de \"\u00e9xito\". La comprobaci\u00f3n de seguridad de estos redireccionamientos (a saber, `` django.utils.http.is_safe_url()``) considera que algunas URL num\u00e9ricas son \"seguras\" cuando no deber\u00edan serlo, tambi\u00e9n conocida como una vulnerabilidad de redirecci\u00f3n abierta. Adem\u00e1s, si un desarrollador conf\u00eda en `` is_safe_url() `` para proporcionar destinos de redirecci\u00f3n seguros y pone esa URL en un enlace, podr\u00eda sufrir un ataque XSS."
    }
  ],
  "id": "CVE-2017-7233",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-04T17:59:00.273",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3835"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97406"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1038177"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1445"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1451"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1462"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1470"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1596"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:3093"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1462"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:3093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2017-7233

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-7233

Aliases

CVE-2017-7233

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-7233",
    "description": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
    "id": "GSD-2017-7233",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-7233.html",
      "https://www.debian.org/security/2017/dsa-3835",
      "https://access.redhat.com/errata/RHSA-2018:2927",
      "https://access.redhat.com/errata/RHSA-2017:3093",
      "https://access.redhat.com/errata/RHSA-2017:1596",
      "https://access.redhat.com/errata/RHSA-2017:1470",
      "https://access.redhat.com/errata/RHSA-2017:1462",
      "https://access.redhat.com/errata/RHSA-2017:1451",
      "https://access.redhat.com/errata/RHSA-2017:1445",
      "https://ubuntu.com/security/CVE-2017-7233",
      "https://advisories.mageia.org/CVE-2017-7233.html",
      "https://security.archlinux.org/CVE-2017-7233"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-7233"
      ],
      "details": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
      "id": "GSD-2017-7233",
      "modified": "2023-12-13T01:21:06.180157Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2017-7233",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1038177",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038177"
          },
          {
            "name": "RHSA-2017:1596",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1596"
          },
          {
            "name": "97406",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97406"
          },
          {
            "name": "RHSA-2017:3093",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:3093"
          },
          {
            "name": "DSA-3835",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2017/dsa-3835"
          },
          {
            "name": "RHSA-2017:1445",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1445"
          },
          {
            "name": "RHSA-2017:1451",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1451"
          },
          {
            "name": "RHSA-2018:2927",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2927"
          },
          {
            "name": "RHSA-2017:1470",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1470"
          },
          {
            "name": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/",
            "refsource": "CONFIRM",
            "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
          },
          {
            "name": "RHSA-2017:1462",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1462"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=1.11alpha,\u003c1.11||\u003e=1.10.0alpha,\u003c1.10.7||\u003e=1.9.0alpha,\u003c1.9.13||\u003c1.8.18",
          "affected_versions": "All versions starting from 1.11alpha before 1.11, all versions starting from 1.10.0alpha before 1.10.7, all versions starting from 1.9.0alpha before 1.9.13, all versions before 1.8.18",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-601",
            "CWE-937"
          ],
          "date": "2018-10-17",
          "description": "Django relies on user input in some cases (e.g. `django.contrib.auth.views.login()` and i18n) to redirect the user to an \"on success\" URL. The security check for these redirects (namely `django.utils.http.is_safe_url()`) considered some numeric URLs (e.g. http:999999999) \"safe\" when they shouldn\u0027t be. Also, if a developer relies on `is_safe_url()` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.",
          "fixed_versions": [
            "1.10.7",
            "1.11",
            "1.8.18",
            "1.9.13"
          ],
          "identifier": "CVE-2017-7233",
          "identifiers": [
            "CVE-2017-7233"
          ],
          "not_impacted": "All versions before 1.11alpha, all versions starting from 1.11, all versions before 1.10.0alpha, all versions starting from 1.10.7, all versions before 1.9.0alpha, all versions starting from 1.8.18 before 1.9.13",
          "package_slug": "pypi/Django",
          "pubdate": "2017-04-04",
          "solution": "Upgrade to versions 1.10.7, 1.11, 1.8.18, 1.9.13 or above.",
          "title": "Open redirect and possible XSS attack via user-supplied numeric redirect URLs",
          "urls": [
            "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
          ],
          "uuid": "3ee25254-38af-494e-9fb9-5e3389d0dcfb"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.0:a1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.0:b1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.0:b2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.0:c1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.0:a1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.0:b1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.8.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9:a1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9:b1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.9.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7233"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-601"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
            },
            {
              "name": "97406",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/97406"
            },
            {
              "name": "1038177",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1038177"
            },
            {
              "name": "DSA-3835",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2017/dsa-3835"
            },
            {
              "name": "RHSA-2017:3093",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:3093"
            },
            {
              "name": "RHSA-2017:1596",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1596"
            },
            {
              "name": "RHSA-2017:1470",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1470"
            },
            {
              "name": "RHSA-2017:1462",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1462"
            },
            {
              "name": "RHSA-2017:1451",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1451"
            },
            {
              "name": "RHSA-2017:1445",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1445"
            },
            {
              "name": "RHSA-2018:2927",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2018:2927"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2018-10-17T10:29Z",
      "publishedDate": "2017-04-04T17:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-7233 (GCVE-0-2017-7233)

PYSEC-2017-9

CNVD-2017-10817

GHSA-37HP-765X-J95X

FKIE_CVE-2017-7233

GSD-2017-7233

Tags

Sightings

Nomenclature