python-fedora is vulnerable to open redirects. The library does not check if urls passed to it are remote urls, allowing a malicious user to pass a remote malicious url to the application to cause open redirects and possibly leak CSRF tokens.
CPE | Name | Operator | Version |
---|---|---|---|
python-fedora | le | 0.8.0 |