CVE-2021-23401
Vulnerability (CVE-2021-23401) affects all versions of Flask-User. The issue occurs in the make_safe_url function, which can bypass URL validation and redirect to an arbitrary URL when multiple backslashes are provided (e.g., /////evil.com/path or \\evil.com/path). Exploitation requires either an...