CVE-2021-23495

Summary

The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.

Affected Software

VendorProductVersion RangeStatus
n/akarmaunspecified < 6.3.16affected

Weaknesses

  • Open Redirect

ADP Enrichment

CVE Program Container

Additional References

References