Open redirect vulnerability in werkzeug prior to 0.11.6 via a double slash in the URL.
palletsprojects werkzeug