EPSS Percentile: 30.3%
rdiffweb is vulnerable to open redirect. The vulnerability exists in rdw_app.py due to improper validation of a header value, which allows an attacker to redirect the user by supplying invalid input.
rdw_app.py
github.com/advisories/GHSA-639f-hxcv-84mc
github.com/ikus060/rdiffweb/commit/5f861670ef8f38ca8eea52a98672d0e0fabb5368
huntr.dev/bounties/77e5f425-c764-4cb0-936a-7a76bfcf19b0