Advisories for Pypi/Django-Revproxy package

2015

Open Redirect attacks

Shis package are vulnerable to Open Redirect attacks. When a colon is present in the URL path, the urljoin method ignores the upstream request and redirects it to a path cntrolled by an attacker, possibly causing content injection.