CVE-2021-23435
gem/clearance
URL Redirection to Untrusted Site (Open Redirect)
This affects the package clearance The vulnerability can be possible when users are able to set the value of session[:return_to]
.
All versions before 2.5.0
Upgrade to version 2.5.0 or above.
2021-09-24
source |