Safety vulnerability ID: 25709
The information on this page was manually curated by our Cybersecurity Intelligence Team.
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values.
Latest version: 5.1.4
A high-level Python web framework that encourages rapid development and clean, pragmatic design.
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values.
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application