Headline
GHSA-cgrj-xjm7-9q27: Open redirect in web2py
Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
Open redirect in web2py
High severity GitHub Reviewed Published Jun 28, 2022 • Updated Jul 5, 2022
Related news
CVE-2022-33146: improved open redirect prevention · web2py/web2py@d980560
Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.