EPSS
Percentile
76.9%
HTTPie is vulnerable to open redirection. An attacker is able to redirect a request to an arbitrary URL due to the way an output filename is generated when --download without --output results in a redirect.
--download
--output
lists.opensuse.org/opensuse-security-announce/2019-09/msg00003.html
lists.opensuse.org/opensuse-security-announce/2019-09/msg00022.html
github.com/jakubroztocil/httpie/commit/df36d6255df5793129b02ac82f1010171bd8a0a8
github.com/jakubroztocil/httpie/releases/tag/1.0.3