CVE-2011-0696
Published 2011-02-14
Priority: P4 · 26 · medium · 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 1.59% (72.6th percentile)
Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a "combination of browser plugins and redirects," a related issue to CVE-2011-0447.
Affected
35 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| actionpack_project | actionpack | >= 2.1.0 < 2.3.11 | 2.3.11 |
| actionpack_project | actionpack | >= 3.0.0 < 3.0.4 | 3.0.4 |
| debian | python-django | < python-django 1.2.5-1 (bookworm) | python-django 1.2.5-1 (bookworm) |
| debian | rails | < rails 2.3.11-0.1 (bookworm) | rails 2.3.11-0.1 (bookworm) |
| djangoproject | django | — | — |
| djangoproject | django | >= 1.1 < 1.1.4 | 1.1.4 |
| djangoproject | django | >= 1.2 < 1.2.5 | 1.2.5 |
| rubyonrails | rails | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| ghsa | — | 6.8 | MEDIUM | — |
| osv | — | 6.8 | MEDIUM | — |
| vendor_debian | — | 6.8 | MEDIUM | — |
| vendor_ubuntu | — | 6.8 | MEDIUM | — |
GHSA: Cross-site request forgery in Django
ghsa · 2018-07-23 · CVSS 6.8 · MEDIUM · CWE-352
OSV: Cross-site request forgery in Django
osv · 2018-07-23 · CVSS 6.8 · MEDIUM
GHSA: actionpack Cross-Site Request Forgery vulnerability
ghsa · 2017-10-24 · CVSS 6.8 · MEDIUM · CWE-352
Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that leverage "combinations of browser plugins and HTTP redirects," a related issue to CVE-2011-0696.
OSV: actionpack Cross-Site Request Forgery vulnerability
osv · 2017-10-24 · CVSS 6.8 · MEDIUM
OSV: CVE-2011-0696: Django 1
osv · 2011-02-14 · CVSS 6.8 · MEDIUM
OSV: CVE-2011-0447: Ruby on Rails 2
osv · 2011-02-14 · CVSS 6.8 · MEDIUM
Ubuntu: Django vulnerabilities
vendor_ubuntu · 2011-02-17 · CVSS 6.8 · MEDIUM
Summary: Attackers could use Django to perform web-based attacks.
It was discovered that Django did not properly validate HTTP requests that
contain an X-Requested-With header. An attacker could exploit this
vulnerability to perform cross-site request forgery (CSRF) attacks.
(CVE-2011-0696)
It was discovered that Django did not properly sanitize its input when
performing file uploads, resulting in cross-site scripting (XSS)
vulnerabilities. With cross-site scripting vulnerabilities, if a user were
tricked into viewing server output during a crafted server request, a
remote attacker could exploit this to modify the contents, or steal
confidential data, within the same domain. (CVE-2011-0697)
Instructions: ATTENTION: This update introduces a small backwards-
Debian: CVE-2011-0447: rails
vendor_debian · 2011 · CVSS 6.8 · MEDIUM
Scope: local
bookworm: resolved (fixed in 2.3.11-0.1)
bullseye: resolved (fixed in 2.3.11-0.1)
forky: resolved (fixed in 2.3.11-0.1)
sid: resolved (fixed in 2.3.11-0.1)
trixie: resolved (fixed in 2.3.11-0.1)
Debian: CVE-2011-0696: python-django
vendor_debian · 2011 · CVSS 6.8 · MEDIUM
Scope: local
bookworm: resolved (fixed in 1.2.5-1)
bullseye: resolved (fixed in 1.2.5-1)
forky: resolved (fixed in 1.2.5-1)
sid: resolved (fixed in 1.2.5-1)
trixie: resolved (fixed in 1.2.5-1)
No detection rules found.
No public exploits indexed.
Bugzilla: CVE-2011-0447 rubygem-actionpack: CSRF flaws due to improper validation of HTTP headers containing X-Requested-With header
bugzilla · 2011-02-15 · CVSS 6.8 · MEDIUM
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-0447 to
the following vulnerability:
Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before
3.0.4, does not properly validate HTTP requests that contain an
X-Requested-With header, which makes it easier for remote attackers to
conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX
or (2) API requests that leverage "combinations of browser plugins and
HTTP redirects," a related issue to CVE-2011-0696.
References:
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0447
[2] http://groups.google.com/group/rubyonrails-security/msg/c22ea1668c0d181c?dmode=source&output=gpl
Bugzilla: CVE-2011-0696 CVE-2011-0697 Django various flaws [fedora-all]
bugzilla · 2011-02-09 · CVSS 6.8 · MEDIUM
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=676357
Please note: this issue affects multiple supported ve
Bugzilla: CVE-2011-0696 django Flaw in CSRF handling
bugzilla · 2011-02-09 · CVSS 6.8 · MEDIUM
http://www.djangoproject.com/weblog/2011/feb/08/security/
Django includes a CSRF-protection mechanism, which makes use of a token
inserted into outgoing forms. Middleware then checks for the token's
presence on form submission, and validates it.
Previously, however, our CSRF protection made an exception for AJAX
requests, on the following basis:
1. Many AJAX toolkits add an X-Requested-With header when using
XMLHttpRequest.
2. Browsers have strict same-origin policies regarding XMLHttpRequest.
3. In the context of a browser, the only way that a custom header of
this nature can be added is with XMLHttpRequest.
Therefore, for ease of use, we did not apply CSRF checks to requests that
appeared to be AJAX on the basis of the X-Requested-With head
References:
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054207.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054208.html
http://openwall.com/lists/oss-security/2011/02/09/6
http://secunia.com/advisories/43230
http://secunia.com/advisories/43297
http://secunia.com/advisories/43382
http://secunia.com/advisories/43426
http://www.debian.org/security/2011/dsa-2163
http://www.djangoproject.com/weblog/2011/feb/08/security/
http://www.mandriva.com/security/advisories?name=MDVSA-2011:031
http://www.securityfocus.com/bid/46296
http://www.ubuntu.com/usn/USN-1066-1
http://www.vupen.com/english/advisories/2011/0372
http://www.vupen.com/english/advisories/2011/0388
http://www.vupen.com/english/advisories/2011/0429
http://www.vupen.com/english/advisories/2011/0439
http://www.vupen.com/english/advisories/2011/0441
https://bugzilla.redhat.com/show_bug.cgi?id=676357
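The Django explanation quoted in the Bugzilla entry above describes the flawed exemption: an unsafe-method request carrying X-Requested-With was trusted as a same-origin XMLHttpRequest and skipped the token check. The Python below is an added example, not Django's middleware and not code from any advisory on this page; it places that exemption beside a check that requires the token unconditionally, which is the defensive property the fix restores. The request representation (method plus header, cookie and form dictionaries), the `csrftoken` cookie and `csrfmiddlewaretoken` field names, and all function names are assumptions made for the example; the `X-CSRFToken` request header is the one later Django releases accept from AJAX clients, but it is not mentioned on this page.

```python
"""
Added example: CSRF token check with and without the "looks like AJAX" exemption.
Not Django's code. Request shape, cookie/field/header names and helper names are
assumptions for this example; constructed inputs are used in demo().
"""
import hmac
import secrets

# Methods that are expected to be side-effect free and therefore not token-checked.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}


def is_valid_token(cookie_token, submitted_token):
    """Compare the session's token with the submitted one in constant time.
    Missing values are rejected outright so an absent field never matches."""
    if not cookie_token or not submitted_token:
        return False
    return hmac.compare_digest(cookie_token, submitted_token)


def csrf_check_vulnerable(method, headers, cookies, form):
    """Pre-fix style logic: skip the token check when the request carries the
    X-Requested-With marker. The flaw is that this header is treated as proof
    of a same-origin XMLHttpRequest, which the advisory explains it is not."""
    if method in SAFE_METHODS:
        return True
    if headers.get("X-Requested-With") == "XMLHttpRequest":
        return True  # the exemption: token never checked for this request
    return is_valid_token(cookies.get("csrftoken"), form.get("csrfmiddlewaretoken"))


def csrf_check_fixed(method, headers, cookies, form):
    """Post-fix logic: every unsafe-method request must present a valid token.
    AJAX clients are accommodated by letting them send the token in a request
    header instead of a form field, not by skipping the check."""
    if method in SAFE_METHODS:
        return True
    submitted = form.get("csrfmiddlewaretoken") or headers.get("X-CSRFToken")
    return is_valid_token(cookies.get("csrftoken"), submitted)


def demo():
    """Run both checks over constructed requests and return the verdicts."""
    token = secrets.token_hex(16)
    cookies = {"csrftoken": token}  # the token the browser holds for this session
    # Constructed: a POST that carries only the AJAX marker and no token at all.
    marker_only = {"X-Requested-With": "XMLHttpRequest"}
    # Constructed: a same-origin AJAX POST that also sends the token in a header.
    ajax_with_token = {"X-Requested-With": "XMLHttpRequest", "X-CSRFToken": token}
    return {
        "marker_only_vulnerable": csrf_check_vulnerable("POST", marker_only, cookies, {}),
        "marker_only_fixed": csrf_check_fixed("POST", marker_only, cookies, {}),
        "ajax_with_token_fixed": csrf_check_fixed("POST", ajax_with_token, cookies, {}),
        "form_with_token_fixed": csrf_check_fixed("POST", {}, cookies, {"csrfmiddlewaretoken": token}),
        "wrong_token_fixed": csrf_check_fixed("POST", {"X-CSRFToken": "not-" + token}, cookies, {}),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The one behavioural difference worth noting is the first two verdicts: the exempting check accepts a token-less POST purely because of the marker header, while the unconditional check rejects it and still accepts legitimate AJAX clients that send the token in a header.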