CVE-2020-12666

CVE-2020-12666 is an open redirect in the macaron web framework (gopkg.in/macaron.v1) — specifically in the static handler. The root cause is improper request sanitization, allowing a crafted URL to redirect to an attacker-chosen URL. Remediation documented across sources: upgrade to macaron 1.3....