Security Advisory

CVE-2019-12781

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-01 13:56:37

Last updated 2024-08-04 23:32:54

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.

← Browse all CVEs View on cve.org ↗