4 matches found
CVE-2026-27982
An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled it is disabled by default, which may allow an attacker to redirect users to an arbitrary external website via a crafted URL...
aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +97 more potentially affected by CVE-2026-27982 via django-allauth (>=0.24.1 <=65.13.1)
django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2026-27982 Source advisory: OSV:PYSEC-2026-56...
UBUNTU-CVE-2026-27982
An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled it is disabled by default, which may allow an attacker to redirect users to an arbitrary external website via a crafted URL...
CVE-2026-27982
CVE-2026-27982 is an open redirect vulnerability in django-allauth prior to 65.14.1 when SAML IdP initiated SSO is enabled (disabled by default). An attacker could abuse a crafted URL to redirect users to an arbitrary external site. Affected product: django-allauth; affected component: SAML IdP i...