Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1.
CPE | Name | Operator | Version |
---|---|---|---|
sitefinity | eq | 9.1 |