PT-2026-50157
Name of the Vulnerable Software and Affected Versions Hugo versions 0.91.0 through 0.161.1 Description The resources.GetRemote function enforces the security.http.urls policy on the initial URL provided, but it fails to re-validate intermediate URLs during HTTP 3xx redirects. This allows a truste...