{"uuid": "56ba7423-78aa-45fb-af7c-4760e111e4d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48710", "type": "seen", "source": "https://gist.github.com/ftnext/5e100b157e57e68e4c1aee0f43da8593", "content": "# https://github.com/ftnext/fastapi-playground/blob/aeda2c2992f446a58bf43f176b31ad523d85715f/starlette-cve-2026-48710-badhost/run_starlette_app.py\nfrom starlette.applications import Starlette\nfrom starlette.middleware import Middleware\nfrom starlette.middleware.base import BaseHTTPMiddleware\nfrom starlette.responses import PlainTextResponse\nfrom starlette.routing import Route\nfrom starlette.testclient import TestClient\n\n\nclass AuthMiddleware(BaseHTTPMiddleware):\n    async def dispatch(self, request, call_next):\n        print(f\"{request.url=}, {request.url.path=}\")\n        if request.url.path == \"/\":\n            return await call_next(request)\n        return PlainTextResponse(\"Forbidden\\n\", status_code=403)\n\n\nasync def root(request):\n    return PlainTextResponse(\"Hello, world\\n\")\n\n\nasync def admin(request):\n    return PlainTextResponse(\"secret=123\\n\")\n\n\nroutes = [\n    Route(\"/\", endpoint=root),\n    Route(\"/admin\", endpoint=admin),\n]\napp = Starlette(routes=routes, middleware=[Middleware(AuthMiddleware)])\n\nclient = TestClient(app)\n\nres1 = client.get(\"/admin\", headers={\"Host\": \"foo\"})\nassert res1.status_code == 403, f\"{res1.text=}\"\nres2 = client.get(\"/admin\", headers={\"Host\": \"foo/?\"})\nassert res2.status_code == 403, f\"{res2.text=}\"\n", "creation_timestamp": "2026-05-30T13:28:23.000000Z"}