FKIE_CVE-2017-7233

Vulnerability from fkie_nvd - Published: 2017-04-04 17:59 - Updated: 2025-04-20 01:37
Severity ?
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.
References
cve@mitre.orghttp://www.debian.org/security/2017/dsa-3835
cve@mitre.orghttp://www.securityfocus.com/bid/97406Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1038177
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:1445
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:1451
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:1462
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:1470
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:1596
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:3093
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2018:2927
cve@mitre.orghttps://www.djangoproject.com/weblog/2017/apr/04/security-releases/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2017/dsa-3835
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/97406Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038177
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1445
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1451
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1462
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1470
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1596
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:3093
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2927
af854a3a-2127-422b-91ae-364da2661108https://www.djangoproject.com/weblog/2017/apr/04/security-releases/Vendor Advisory
Impacted products
Vendor Product Version
djangoproject django 1.8.0
djangoproject django 1.8.0
djangoproject django 1.8.0
djangoproject django 1.8.0
djangoproject django 1.8.0
djangoproject django 1.8.1
djangoproject django 1.8.2
djangoproject django 1.8.3
djangoproject django 1.8.4
djangoproject django 1.8.5
djangoproject django 1.8.6
djangoproject django 1.8.7
djangoproject django 1.8.8
djangoproject django 1.8.9
djangoproject django 1.8.10
djangoproject django 1.8.11
djangoproject django 1.8.12
djangoproject django 1.8.13
djangoproject django 1.8.14
djangoproject django 1.8.15
djangoproject django 1.8.16
djangoproject django 1.8.17
djangoproject django 1.9
djangoproject django 1.9
djangoproject django 1.9
djangoproject django 1.9
djangoproject django 1.9
djangoproject django 1.9.1
djangoproject django 1.9.2
djangoproject django 1.9.3
djangoproject django 1.9.4
djangoproject django 1.9.5
djangoproject django 1.9.6
djangoproject django 1.9.7
djangoproject django 1.9.8
djangoproject django 1.9.9
djangoproject django 1.9.10
djangoproject django 1.9.11
djangoproject django 1.9.12
djangoproject django 1.10.0
djangoproject django 1.10.0
djangoproject django 1.10.0
djangoproject django 1.10.0
djangoproject django 1.10.1
djangoproject django 1.10.2
djangoproject django 1.10.3
djangoproject django 1.10.4
djangoproject django 1.10.5
djangoproject django 1.10.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02D3C0FF-C342-40F1-A187-CD212C16FE8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "85ED1834-500C-4E37-BD51-E42DB28F3B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "E6E3323E-6AC0-4703-A3A4-A429946B0839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "7AB300FB-2A7D-498E-891D-E75DCA9ED7A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.0:c1:*:*:*:*:*:*",
              "matchCriteriaId": "1AC1822A-A7FE-4F38-BD5A-74388A5405D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2510BAD7-1FB6-4F6F-A2CC-9DE9AD39B4FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B388C7-ED4E-4416-969F-32263E7D7AA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D36984-4C8E-4CDB-8D15-445705FCECF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B324AE6-ADD8-41B9-B250-A6577ACBB364",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6487058-6768-4AD3-BE27-A0B3D1ACFC08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CFF0538-B111-44A8-ADC2-87E280186257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3343FF8-53EC-459D-B31C-CD363D04FF42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9B637E9-067A-4473-9B50-433CCC177982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A5BF6D-631B-4C8E-9868-579BD79100C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "280B9958-9163-4126-910A-2EF4B408DFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A40373B-301E-4B81-8FA5-28D916142F59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "79BB3174-7859-4195-B7B3-BCAA280A6F80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "42EF41AF-B2FA-468A-B161-D9FE29CE53EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "48DF0100-F98E-4997-A8F7-DC07FA4A06D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECDC5647-8EA7-4595-88C2-541BC489ED2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB571E66-C1B2-4FFD-8265-FB381CF4ACE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.8.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49F25DA-CD52-49A9-B5BE-63FD399A9813",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "29C40BAC-6DF3-4EA2-A65A-86462DDD8723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:a1:*:*:*:*:*:*",
              "matchCriteriaId": "0B4797F9-82E9-4BA8-868D-C6F18BA01DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:b1:*:*:*:*:*:*",
              "matchCriteriaId": "E885D945-FB55-47F4-AA6B-462AFBDAD750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "48BD4296-E83B-4563-9A39-70C95EEAA337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "F63D8C0A-D93E-4A1F-A8F8-D22314771AD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B754401-8503-4553-853F-4F6BCD2D2FF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "019C26C7-EF1F-45BB-934E-521E2E64452E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18691A7-E4D0-48A4-81A7-89846E991AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C06EBD9-381E-4018-BFDC-E23EA18097B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D134048-B64F-45AE-B4A2-26E516CCF37B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39B83A-C10B-4B88-9491-2FB8B07D6EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "64A4030E-F51F-4944-BCE7-E27CD32EC7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC1F046-DAF7-4734-9F80-A3C57857AF18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "61EE8536-0E8D-477A-B8EA-817CE21D516A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "483D0F44-15C8-43A2-B3AE-331F40DA1A80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD33E383-2772-4F79-A2C9-4F9EB8FBC8EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D82BAD-B2AE-49FB-AF71-393631D2B29C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D2541CE-0462-46DF-BDD8-C19D6E45140B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "1763E8EB-F943-4A9A-8E19-E6BE9F847DDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "48E20213-67BB-4A16-B961-502BA4E54A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "3C71C2E3-C134-45B0-BDDC-FFE7612AB1EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE31960-7C68-42F3-B215-B30A87DB67CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3838B8E-8F0E-4F7A-88E6-FFF2590E5302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6C6214-7946-4025-84E6-59448CFE75B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "58182835-CB1F-4490-AE65-90601DBFD0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AE04CD-E923-4630-9BAA-5A4D5A5D0055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2517FB1C-B732-432B-9F27-EE60F6556433",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an \"on success\" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs \"safe\" when they shouldn\u0027t be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack."
    },
    {
      "lang": "es",
      "value": "Django 1.10 en versiones anteriores a 1.10.7, 1.9 en versiones anteriores a 1.9.13, y 1.8 en versiones anteriores a 1.8.18 se basa en la entrada del usuario en algunos casos para redirigir al usuario a una URL de \"\u00e9xito\". La comprobaci\u00f3n de seguridad de estos redireccionamientos (a saber, `` django.utils.http.is_safe_url()``) considera que algunas URL num\u00e9ricas son \"seguras\" cuando no deber\u00edan serlo, tambi\u00e9n conocida como una vulnerabilidad de redirecci\u00f3n abierta. Adem\u00e1s, si un desarrollador conf\u00eda en `` is_safe_url() `` para proporcionar destinos de redirecci\u00f3n seguros y pone esa URL en un enlace, podr\u00eda sufrir un ataque XSS."
    }
  ],
  "id": "CVE-2017-7233",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-04T17:59:00.273",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2017/dsa-3835"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97406"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1038177"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1445"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1451"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1462"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1470"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1596"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:3093"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1462"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:3093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2018:2927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.