CVE-2021-23401

URL Redirection to Untrusted Site (Open Redirect) in pypi/Flask-User

Identifiers

CVE-2021-23401

Package Slug

pypi/Flask-User

Vulnerability

URL Redirection to Untrusted Site (Open Redirect)

Description

When using the make_safe_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple backslashes.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.
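
One way an application can validate redirect targets itself, independent of make_safe_url, shown as an added example that is not Flask-User code. The function names, the allow-list parameter and the host names (app.example, other.example) are assumptions made for illustration. It rejects any backslash outright, because browsers treat "\" like "/" in http(s) URLs while urllib.parse does not.

```python
from urllib.parse import urlsplit

def is_safe_redirect_target(target, allowed_hosts=frozenset()):
    """True only for a rooted same-site path or an http(s) URL on an allow-listed host.

    Hypothetical helper, not part of Flask-User.
    """
    if not isinstance(target, str) or not target:
        return False
    # A parser that only looks at "/" sees a harmless path where the browser
    # sees "//host", so backslashes are refused before any parsing happens.
    if "\\" in target:
        return False
    # Browsers strip tabs/newlines inside URLs; refuse control chars and spaces.
    if any(ord(c) < 0x21 or ord(c) == 0x7F for c in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed bracketed host
        return False
    if not parts.scheme and not parts.netloc:
        # Relative form: accept only a single-slash rooted path.
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False
    # hostname is lower-cased by urlsplit and excludes userinfo and port.
    return parts.hostname in allowed_hosts

def safe_redirect_target(target, allowed_hosts=frozenset(), default="/"):
    """Return target if it passes the check, otherwise a fixed local default."""
    return target if is_safe_redirect_target(target, allowed_hosts) else default

if __name__ == "__main__":
    # Constructed sample inputs, not taken from the advisory.
    samples = [
        "/account/profile?tab=1",
        "//other.example/x",
        "/\\\\other.example",
        "https://app.example/home",
        "https://other.example/",
    ]
    for s in samples:
        print(repr(s), "->", safe_redirect_target(s, {"app.example"}))
```
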

Last Modified

2021-07-12
