CVE-2015-6961
Published
CVSS v3
N/A
CVSS v2
5.8
MEDIUM
Affected
1
PROJECT
Description
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.
Free and open source full-stack enterprise framework for agile development of secure database-driven web-based applications, written and programmable in Python.
GitHub