TAKUTO YOSHIKAI
Web Developer, Security Researcher, Bug Hunter
Personal Works: HONJA (Repository) | COWAKÉ
Reported CVE: CVE-2022-34265 (Django SQL Injection) | CVE-2023-22432 (web2py Open Redirect)

An open redirect vulnerability exists in web2py versions before 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.

Vulnerable Product |
---|
web2py web2py |