EPSS
Percentile
83.5%
django is vulnerable to man-in-the-middle attacks. HTTP requests are not redirected to HTTPS in accordance with SECURE_SSL_REDIRECT when deployed behind a reverse-proxy due to incorrect results for is_secure() and build_absolute_uri().
SECURE_SSL_REDIRECT
is_secure()
build_absolute_uri()
www.djangoproject.com/weblog/2019/jul/01/security-releases/