Open redirect in web2py
Moderate severity
GitHub Reviewed
Published
Jun 28, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Jun 27, 2022
Published to the GitHub Advisory Database
Jun 28, 2022
Reviewed
Jul 5, 2022
Last updated
Jan 27, 2023
Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
References