CVE-2021-23401
pypi/Flask-User
URL Redirection to Untrusted Site (Open Redirect)
When using the make_safe_url
function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes.
All versions
Unfortunately, there is no solution available yet.
2021-07-12
source |