Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Django Permissions Privileges and Access Controls Vulnerability - CVE-2016-9014 - Vulnerability Database
Django

Django Permissions Privileges and Access Controls Vulnerability - CVE-2016-9014

High
Reference: CVE-2016-9014
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-9014
Title: Django Permissions Privileges and Access Controls Vulnerability
Overview:

Django before 1.8.x before 1.8.16 1.9.x before 1.9.11 and 1.10.x before 1.10.3 when settings.DEBUG is True allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.