Moderate severity vulnerability that affects django

2019-01-04T17:50:17
ID GHSA-H4HV-M4H4-MHWG
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:06

Description

A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the django.views.static.serve() view could redirect to any other domain, aka an open redirect vulnerability.