
CVE-2019-19844

Published: 18/12/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 447
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

Django prior to 1.11.27, 2.x prior to 2.2.9, and 3.x prior to 3.0.1 allows account takeover. A suitably crafted email address (one that is equal to an existing user's email address after case transformation of Unicode characters) would allow a malicious user to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)

Vulnerable Products

djangoproject django

djangoproject django 3.0

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

canonical ubuntu linux 19.10

Vendor Advisories

Debian Bug report logs - #946937 python-django: CVE-2019-19844: Potential account hijack via password reset form. Package: python-django; Maintainer for python-django is Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>; Source for python-django is src:python-django (PTS, buildd, popcon). Reported by: "C ...
Django accounts could be hijacked through password reset requests ...
Simon Charette reported that the password reset functionality in Django, a high-level Python web development framework, uses a Unicode case-insensitive query to retrieve accounts matching the email address requesting the password reset. An attacker can take advantage of this flaw to potentially retrieve password reset tokens and hijack accounts. Fo ...
Django's password-reset form uses a case-insensitive query to retrieve accounts matching the email address requesting the password reset. Because this typically involves explicit or implicit case transformations, an attacker who knows the email address associated with a user account can craft an email address which is distinct from the address asso ...
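To make the lookup described in the summary and the advisories above concrete, here is an added Python model (not code from this page or from Django): the pre-fix match is a Unicode case-insensitive comparison, modelled with str.upper() as PostgreSQL's UPPER() behaves for the dotless i, placed beside the fix of sending the token only to the address stored on the matched account; the user records and all function names are constructed for this example.

```python
# Added example: models Django's password-reset email lookup before and
# after the CVE-2019-19844 fix. Not the framework's own code.

# Constructed user store standing in for the auth user table (hypothetical).
USERS = [
    {"username": "mike123", "email": "mike@example.org", "active": True},
    {"username": "alice", "email": "alice@example.org", "active": True},
]


def users_for_email_iexact(email, users=USERS):
    """Pre-fix lookup: Unicode case-insensitive match, as UPPER(email) = UPPER(%s)
    does in SQL. 'ı' (U+0131) uppercases to 'I', so 'mıke@...' matches 'mike@...'."""
    target = email.upper()
    return [u for u in users if u["active"] and u["email"].upper() == target]


def reset_recipients_vulnerable(submitted_email):
    """Pre-fix behaviour: the token is mailed to the address the requester typed,
    so a colliding address receives another account's token."""
    return [submitted_email for _ in users_for_email_iexact(submitted_email)]


def reset_recipients_fixed(submitted_email):
    """Mitigation named in the summary: mail the token only to the email address
    registered on the matched account, never to the submitted string."""
    return [u["email"] for u in users_for_email_iexact(submitted_email)]


def ascii_lower(s):
    """Lowercase only A-Z so that plain ASCII case differences are ignored
    while Unicode case-mapping collisions are not."""
    return "".join(chr(ord(c) + 32) if "A" <= c <= "Z" else c for c in s)


def looks_like_unicode_case_collision(submitted_email, stored_email):
    """Detection aid for reset-request logging: the two addresses match under the
    case-insensitive query but differ beyond ASCII case (e.g. 'ı' vs 'i')."""
    return (submitted_email.upper() == stored_email.upper()
            and ascii_lower(submitted_email) != ascii_lower(stored_email))


if __name__ == "__main__":
    probe = "m\u0131ke@example.org"  # dotless i, constructed probe address
    print("vulnerable sends to:", reset_recipients_vulnerable(probe))
    print("fixed sends to:     ", reset_recipients_fixed(probe))
    print("flag for review:    ", looks_like_unicode_case_collision(probe, "mike@example.org"))
```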

Github Repositories

PoC for CVE-2019-19844 ( https://www.djangoproject.com/weblog/2019/dec/18/security-releases/ )

django_cve_2019_19844_poc: PoC for CVE-2019-19844. Requirements: Python 3.7.x; PostgreSQL 9.5 or higher. Setup: Create a database (e.g. django_cve_2019_19844_poc). Set the database name in the environment variable DJANGO_DATABASE_NAME (e.g. export DJANGO_DATABASE_NAME=django_cve_2019_19844_poc). Run pip install -r requirements.txt && ./manage.py migrate --noinput. Create

CVE-2019-19844 Docker Edition

django_cve_2019_19844_poc: PoC for CVE-2019-19844. Setup: docker-compose run --service-ports web python manage.py migrate --no-input; docker-compose run --service-ports web python manage.py createsuperuser --email=me@0xsha.io --username 0xsha. Head on to localhost:8000/accounts/password-reset, enter me@0xsha.ıo and hit enter (note that the "i" is malformed). Check the console

django_cve_2019_19844_poc: PoC for CVE-2019-19844. Setup: Run docker-compose up --build. Procedure for reproducing: Open 127.0.0.1:8000/accounts/password-reset/. Input mıke@example.org (the attacker's email) and click the send button. Receive the email (check the console) and reset the password. Log in as the mike123 user

k8s-django-app. About: This repository is a demonstration of how to deploy a Django based application in a highly available and scalable Kubernetes environment, using as a model the repo django-realworld-example-app by gothinkster. How to: Requirements: Git version control system installed; Docker or other container platform of your choice installed; Kind or other tool for r

天天生鲜 (Django 2.2 version). Introduction: This project replaces the original project's framework, Django 1.8, with the latest Django 2.2.5 (since updated to 2.2.10). It covers most of the feature development and knowledge points of a real-world e-commerce project, making it a very good Django learning project; it also records the pitfalls met while switching frameworks and the differences between Django 1.x and 2.x that came up, in the hope that it helps everyone's learn

天天生鲜 (Django 2.2 version). A graduation project done for someone else, forked from github.com/Pad0y/Django2_dailyfresh. Most commits were made on Gitee (码云) and, because of network problems, were not synced to GitHub. Changes: rewrote the import style of most code packages (the original, once cloned, showed a sea of red in PyCharm) and got the service running; got the Alipay payment interface working; removed possibly