CVE-2021-27774

User input included in error response, which could be used in a phishing attack.