0.001 Low
EPSS
Percentile
31.0%
karma is susceptible to open redirect attacks. The attack exists because the return_url query parameter is not properly validated, allowing an attacker to inject a malicious URL through to the system.
return_url query
github.com/karma-runner/karma/commit/ff7edbb2ffbcdd69761bece86b7dc1ef0740508d