python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection
fedoraproject python-fedora