Impact
TandoorRecipes, a Django-based recipe management platform, ships with the Django setting ALLOWED_HOSTS set to '*' by default in versions up to and including 2.5.3. With that value, Django's request.get_host() accepts whatever the client presents in the HTTP Host header instead of rejecting hosts it does not recognise. Whenever the application calls request.build_absolute_uri(), which it does when generating invite links, API pagination links, and OpenAPI schemas, the resulting absolute URL is assembled from that unvalidated Host value. An attacker who can get a forged Host header onto the request that renders such a link therefore causes the application to emit URLs pointing at an attacker-controlled domain. The most consequential case is invite link poisoning: an invitation email generated from such a request contains a link that looks legitimate but points at the attacker's site. When the recipient follows it, the invite token is delivered to the attacker, who can then present it to the real application and obtain the privileged access the invitation grants. This is a classic Host Header Injection (CWE-644) and results in unauthorized access through theft of privileged tokens.
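The following is an added illustration, not code from Tandoor or from Django: a small pure-Python mirror of the ALLOWED_HOSTS matching rules that Django's get_host() applies (the '*' wildcard, the leading-dot subdomain pattern, and exact match) together with the Host-dependent part of build_absolute_uri(). Running it shows the same mock request, carrying a forged Host header, producing an attacker-controlled invite URL under ALLOWED_HOSTS=['*'] and being rejected under an explicit allowlist. The /invite/<token>/ route, the token value and the hostnames are constructed placeholders rather than Tandoor's real paths, and the DisallowedHost name is borrowed from Django only for readability.

```python
"""Added example (not code from Tandoor or Django): a pure-Python mirror of
Django's ALLOWED_HOSTS check and of the Host-dependent part of
request.build_absolute_uri(), showing how ALLOWED_HOSTS='*' lets a forged
Host header end up in generated links."""
import re
from dataclasses import dataclass, field

# Same shape Django uses to sanity-check a Host value: a DNS name, or a
# bracketed IPv6 literal, with an optional :port suffix.
HOST_RE = re.compile(r"^([a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9.:]+\])(:[0-9]+)?$")


class DisallowedHost(Exception):
    """Stands in for django.core.exceptions.DisallowedHost (Django answers it with HTTP 400)."""


def split_domain_port(host: str) -> tuple[str, str]:
    """Lower-case the Host value and split off the port; ('', '') if malformed."""
    host = host.lower()
    if not HOST_RE.match(host):
        return "", ""
    if host.endswith("]"):            # bracketed IPv6 literal carries no port here
        return host, ""
    bits = host.rsplit(":", 1)
    domain, port = bits if len(bits) == 2 else (bits[0], "")
    domain = domain[:-1] if domain.endswith(".") else domain   # drop a trailing dot
    return domain, port


def is_same_domain(host: str, pattern: str) -> bool:
    """Django's pattern rules: '.example.com' matches example.com and any
    subdomain; anything else must match exactly (case-insensitively)."""
    if not pattern:
        return False
    pattern = pattern.lower()
    if pattern.startswith("."):
        return host.endswith(pattern) or host == pattern[1:]
    return host == pattern


def validate_host(host: str, allowed_hosts: list[str]) -> bool:
    """A '*' entry accepts every host, which is the vulnerable default."""
    return any(p == "*" or is_same_domain(host, p) for p in allowed_hosts)


@dataclass
class Request:
    """Minimal stand-in for django.http.HttpRequest."""
    meta: dict                                              # request.META; Host arrives as HTTP_HOST
    allowed_hosts: list[str] = field(default_factory=list)  # plays the role of settings.ALLOWED_HOSTS
    scheme: str = "https"

    def get_host(self) -> str:
        host = self.meta.get("HTTP_HOST", "")
        domain, _port = split_domain_port(host)
        if domain and validate_host(domain, self.allowed_hosts):
            return host               # the port is kept, as Django does
        raise DisallowedHost(f"Invalid HTTP_HOST header: {host!r}")

    def build_absolute_uri(self, path: str) -> str:
        """Absolute URL for a server-relative path, built from the Host header."""
        return f"{self.scheme}://{self.get_host()}{path}"


def render_invite_link(allowed_hosts: list[str], host_header: str, token: str) -> str:
    """The URL the server would put in an invite email for a request that
    carried host_header. The /invite/<token>/ route is a constructed
    placeholder, not Tandoor's real path."""
    request = Request(meta={"HTTP_HOST": host_header}, allowed_hosts=allowed_hosts)
    return request.build_absolute_uri(f"/invite/{token}/")


def probe(allowed_hosts: list[str], host_header: str, token: str = "tok-example") -> str:
    """Outcome summary: the emitted URL, or 'rejected' when the host is refused."""
    try:
        return render_invite_link(allowed_hosts, host_header, token)
    except DisallowedHost:
        return "rejected"


if __name__ == "__main__":
    forged = "attacker.example"       # constructed attacker-controlled domain
    print("ALLOWED_HOSTS='*', forged Host        :", probe(["*"], forged))
    print("ALLOWED_HOSTS restricted, forged Host :", probe(["recipes.example.com"], forged))
    print("ALLOWED_HOSTS restricted, real Host   :", probe(["recipes.example.com"], "recipes.example.com"))
```

Run as-is to see the two outcomes side by side: the wildcard configuration reflects attacker.example into the invite URL, while the restricted allowlist refuses the request before any URL is built, which is the behaviour a correctly configured Django deployment exhibits as an HTTP 400 response.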
Affected Systems
The affected product is TandoorRecipes:recipes. All releases up to and including version 2.5.3 are vulnerable. No patched or fixed release has been reported at the time of this advisory. Users running any affected release should treat the system as insecure until an updated build is available, or until ALLOWED_HOSTS has been restricted to the hostnames the instance is actually served under (Django's standard remedy for this class of issue; assumed here to be exposed as the ALLOWED_HOSTS variable in Tandoor's deployment configuration, which should be verified against the installed version).
Risk and Exploitability
The vulnerability carries a CVSS score of 8.1, indicating high severity. No EPSS score is published, and the issue is absent from the CISA KEV catalog, suggesting no widespread exploitation at the moment. The attack vector is nonetheless network-based: an attacker needs only the ability to send HTTP requests to the service, not local access or an existing account, so internet-facing instances are reachable targets. Two conditions do apply in practice: the forged Host header must reach the request that renders the link, which in a proxied deployment means the reverse proxy forwards the client-supplied Host value unchanged (or, with USE_X_FORWARDED_HOST enabled, forwards X-Forwarded-Host), and the invited user must follow the poisoned link. A quick check for an existing deployment is to send a request with a Host header naming a domain you control and inspect any URLs in the response, such as API pagination links or the server URL in the OpenAPI schema; a Django application with a restricted ALLOWED_HOSTS answers such a request with HTTP 400 instead of echoing the host. The lack of a publicly available fix amplifies the risk, as a targeted attacker can poison invites and compromise accounts with minimal effort.
OpenCVE Enrichment