CVE-2024-41810: Twisted vulnerable to HTML injection in HTTP redirect body
The twisted.web.util.redirectTo function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL, this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body.
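The bug class described above, shown as an added example that is not Twisted's source code: a redirect body built by interpolating the URL verbatim, next to an escaped version and an application-side target check. The template, the function names, the ALLOWED_HOSTS value and the sample URL are all assumptions constructed for illustration.

```python
from html import escape
from urllib.parse import urlsplit

# Hypothetical redirect body template (an assumption, not Twisted's own markup).
BODY = (
    '<html><head><meta http-equiv="refresh" content="0;URL={url}"></head>'
    '<body><a href="{url}">click here</a></body></html>'
)

# Assumption: the only absolute host this application ever redirects to.
ALLOWED_HOSTS = {"app.example.test"}

# Constructed sample input: a quote and markup appended to a redirect URL.
SAMPLE_URL = 'https://app.example.test/next"><b>injected</b>'


def redirect_body_unsafe(url: str) -> str:
    """Interpolate the URL verbatim: the pattern the advisory describes."""
    return BODY.format(url=url)


def redirect_body_escaped(url: str) -> str:
    """HTML-escape the URL (including quotes) before it reaches the body."""
    return BODY.format(url=escape(url, quote=True))


def is_safe_target(url: str) -> bool:
    """Application-side check on a caller-supplied redirect target.

    Accepts same-site absolute paths or http(s) URLs on an allow-listed host,
    and rejects characters that have no place in a redirect URL.
    """
    if any(c in url for c in '"<>\\') or any(ord(c) < 0x20 for c in url):
        return False
    parts = urlsplit(url)
    if not parts.scheme and not parts.netloc:
        # Relative reference: require a single leading slash.
        return url.startswith("/") and not url.startswith("//")
    return parts.scheme in ("http", "https") and parts.hostname in ALLOWED_HOSTS


if __name__ == "__main__":
    print(redirect_body_unsafe(SAMPLE_URL))   # markup lands in the body
    print(redirect_body_escaped(SAMPLE_URL))  # markup is rendered inert
    print(is_safe_target(SAMPLE_URL))         # rejected before redirecting
```

Escaping at the point of output and validating the target in application code are independent controls; the check alone does not replace upgrading the dependency.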