Description
Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request.
Remediation
References
Related Vulnerabilities
WordPress 5.7.x Directory Traversal (5.7 - 5.7.11)
Django Improper Input Validation Vulnerability (CVE-2023-31047)
Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116)
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1453)