CVE-2018-14574
CVE-2018-14574
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 25.5%KEV nãoPoC —Nuclei simMetasploit —Patch referenciado
Lifecycle
03 Aug 2018Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
Affected products
n/a · n/a