PT-2026-49596
Name of the Vulnerable Software and Affected Versions starlette versions prior to 1.3.1 Description The HTTP request path is not validated before being used to reconstruct request.url. When a path does not begin with /, such as @google.com, it is concatenated as scheme://hostpath. This shifts the...