Open Redirect attacks
Shis package are vulnerable to Open Redirect attacks. When a colon is present in the URL path, the urljoin method ignores the upstream request and redirects it to a path cntrolled by an attacker, possibly causing content injection.