CVE-2019-7313
Published
CVSS v3
N/A
CVSS v2
5.8
MEDIUM
Affected
1
PROJECT
Description
www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.
Python-based continuous integration testing framework; your pull requests are more than welcome!
GitHub