Django url exposed due to debug mode enable
The error response contains information about the application's URLs, which may help in more sophisticated attacks.
Verbose Error Messages (VEM)
How this template works
The template uses API selection filters to specify the criteria for selecting the desired API endpoint. In this case, it filters the response code to be between 200 and 300, and extracts the URL from the response using the "urlVar" variable.
The template executes a single request by modifying the extracted URL with an invalid value appended as "testInvalidUrl". This is done using the "modify_url" action. The modified request is then sent to the API endpoint.
The template validates the response payload by checking if it contains the string "Django tried these url patterns". If the response payload contains this string, the validation is considered successful.
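The three steps above, written as a self-check you can run against a service you operate. This is an added example, not the template's own code. The function names, the host app.example.test, the sample response bodies, appending the value as a path segment, reading "between 200 and 300" as 200 to 299, and the case-insensitive match are assumptions of this example.

```python
import urllib.error
import urllib.request
from urllib.parse import urlsplit, urlunsplit

MARKER = "django tried these url patterns"  # string the template validates on, lowercased
PROBE_SEGMENT = "testInvalidUrl"            # invalid value the template appends

# Constructed sample bodies (not captured from a real system).
SAMPLE_DEBUG_404 = ("<p>Using the URLconf defined in <code>mysite.urls</code>, "
                    "Django tried these URL patterns, in this order:</p><ol><li>admin/</li></ol>")
SAMPLE_PROD_404 = "<h1>Not Found</h1>"


def build_probe_url(url):
    """Append the invalid segment to the path; keep scheme, host and query."""
    parts = urlsplit(url)
    path = parts.path.rstrip("/") + "/" + PROBE_SEGMENT
    return urlunsplit((parts.scheme, parts.netloc, path, parts.query, ""))


def http_fetch(url, timeout=5):
    """Return (status, body). urllib raises on 4xx/5xx, so the error body is read too."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def exposes_url_patterns(body):
    """Validation step: compare case-insensitively so capitalisation does not matter."""
    return MARKER in body.lower()


def check_endpoint(url, baseline_status, fetch=http_fetch):
    """Run selection, execution and validation for one endpoint; finding dict or None."""
    if not 200 <= baseline_status < 300:  # selection filter: only endpoints answering 2xx
        return None
    probe = build_probe_url(url)
    status, body = fetch(probe)
    if exposes_url_patterns(body):
        return {"url": probe, "status": status, "fix": "set DEBUG = False in settings"}
    return None


if __name__ == "__main__":
    for name, body in (("DEBUG=True", SAMPLE_DEBUG_404), ("DEBUG=False", SAMPLE_PROD_404)):
        fake = lambda u, b=body: (404, b)  # offline stand-in for http_fetch
        print(name, check_endpoint("https://app.example.test/api/users/", 200, fake))
```

Pass `fetch=http_fetch` (the default) to run it against a live staging or production URL that you own.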