CVE-2026-2153

Summary

A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

Affected Software

VendorProductVersion RangeStatus
mwielgoszewskidoorman0.1affected
mwielgoszewskidoorman0.2affected
mwielgoszewskidoorman0.3affected
mwielgoszewskidoorman0.4affected
mwielgoszewskidoorman0.5affected
mwielgoszewskidoorman0.6affected

Weaknesses

  • CWE-601: Open Redirect

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References