Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Django Improper Authentication Vulnerability - CVE-2014-0482 - Vulnerability Database
Django

Django Improper Authentication Vulnerability - CVE-2014-0482

Medium
Reference: CVE-2014-0482
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-0482
Title: Django Improper Authentication Vulnerability
Overview:

The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14 1.5.x before 1.5.9 1.6.x before 1.6.6 and 1.7 before release candidate 3 when using the contrib.auth.backends.RemoteUserBackend backend allows remote authenticated users to hijack web sessions via vectors related to the REMOTE_USER header.