Vulnerability	Vulnerable Version
M URL Redirection to Untrusted Site ('Open Redirect') Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') via the normalization process of the HTTP Location header due to improper input parsing in the `_make_location_absolute` function. An attacker can redirect users to an attacker-controlled website by manipulating the URL input that lacks a scheme but starts with `//`, which leads the server to treat the subsequent string as the hostname, replacing the original intended destination. How to fix URL Redirection to Untrusted Site ('Open Redirect')? Upgrade `WebOb` to version 1.8.8 or higher.	[,1.8.8)

URL Redirection to Untrusted Site ('Open Redirect')

Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') via the normalization process of the HTTP Location header due to improper input parsing in the _make_location_absolute function. An attacker can redirect users to an attacker-controlled website by manipulating the URL input that lacks a scheme but starts with //, which leads the server to treat the subsequent string as the hostname, replacing the original intended destination.

How to fix URL Redirection to Untrusted Site ('Open Redirect')?

Upgrade WebOb to version 1.8.8 or higher.

[,1.8.8)

Go back to all versions of this package