CVE-2021-23435
CVE-2021-23435 affects the Ruby gem clearance (Rails authentication). The open redirect vulnerability occurs when session[:return_to] is set to a value that includes multiple leading slashes (/////example.com), causing a redirect to an external domain after the slashes (e.g., http://example.com)....