chi Allows Host Header Injection which Leads to Open Redirect in RedirectSlashes
The RedirectSlashes function in middleware/strip.go is vulnerable to host header injection which leads to open redirect.
Advisories for Golang/Github.com/Go-Chi/Chi/V5 package
2025