2 matches found
GHSA-H4HV-M4H4-MHWG Django open redirect
A maliciously crafted URL to a Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 site using the django.views.static.serve view could redirect to any other domain, aka an open redirect vulnerability...
PT-2017-17596 · Django Software Foundation +2 · Django +2
Name of the Vulnerable Software and Affected Versions: Django versions 1.8 through 1.8.18; Django versions 1.9 through 1.9.13; Django versions 1.10 through 1.10.7. Description: A maliciously crafted URL to a Django site using the django.views.static.serve view could redirect to any other domain. Thi...