DjangoBlog <=2.1.0.0 Security Misconfiguration and Hardcoded Credentials

Vulnerability Summary Overview Vulnerability ID: Submit #790313 Vulnerability Title: liangliangyy DjangoBlog <= 2.1.0.0 Security Misconfiguration + Hardcoded Credentials Description: - DjangoBlog configures with the wildcard via , disabling Django's Host header validation. This allows HTTP Host header injection attacks, including cache poisoning and password reset link hijacking. - DjangoBlog has weak authentication on the file upload endpoint located at via . The endpoint is decorated with and authenticated only by a static HMAC signature derived from Django's . Since has a hardcoded fallback (see separate CVE for Vuln 3), the upload signature can be computed by anyone, enabling unauthenticated arbitrary file uploads. Impact Scope Affected Versions: DjangoBlog <= 2.1.0.0 Vulnerability Type: Security Misconfiguration + Hardcoded Credentials Specific Impacts: - HTTP Host header injection attacks - Cache poisoning - Password reset link hijacking - Unauthenticated arbitrary file upload Remediation Remediation Recommendations: - When configuring , avoid using the wildcard ; explicitly specify allowed domains. - Remove or modify the hardcoded to ensure its security. - Strengthen the authentication mechanism of the file upload endpoint, avoiding reliance solely on static HMAC signatures. POC Code

Goal Reached Thanks to every supporter — we hit 100%!

DjangoBlog <=2.1.0.0 Security Misconfiguration and Hardcoded Credentials