Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.
References
Link | Resource |
---|---|
https://github.com/pallets/werkzeug/issues/822 | Issue Tracking Third Party Advisory |
https://github.com/pallets/werkzeug/pull/890/files | Patch Third Party Advisory |
https://github.com/pallets/flask/issues/1639 | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2020-11-18 07:15
Updated : 2020-12-01 08:05
NVD link : CVE-2020-28724
Mitre link : CVE-2020-28724
JSON object : View
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Products Affected
palletsprojects
- werkzeug