An open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters.
opencats opencats 0.9.6