CVE-2021-32618: Open Redirect in Flask-Security-Too
CVSS Score: 3.1
Basic Information
CVE ID: CVE-2021-32618
EPSS Score: 0.94695%
Published: 5/17/2021
Updated: 9/20/2024
KEV Status: No
Technology: Python
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
Flask-Security-Too | pip | < 4.1.0 | 4.1.0 |
Vulnerability Intelligence (Miggo AI)
Root Cause Analysis
The vulnerability stems from the redirect validation logic in validate_redirect_url. The commit diff shows that this function was modified to add a regex-based check (SECURITY_REDIRECT_VALIDATE_RE) that rejects URLs containing patterns such as '////' or escaped backslashes. The original implementation relied solely on the netloc check from urlsplit, which does not cover the edge cases in which browsers auto-correct malformed URLs: a path with a multi-slash prefix parses with an empty netloc, yet a browser normalizes it into a protocol-relative URL that points at another host. Because the function could not detect these browser-normalized URLs, it was the root cause of the open redirect when Werkzeug's autocorrect_location_header was disabled (when that option is enabled, Werkzeug rewrites the Location header into an absolute URL on the application's own host, which masks the weakness).
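The contrast described above, as an added example that is not Flask-Security-Too's own code: a netloc-only check next to a hardened check that also rejects the malformed prefixes browsers normalize. The regex is an assumption constructed for this example, not the project's actual SECURITY_REDIRECT_VALIDATE_RE default.

```python
import re
from urllib.parse import urlsplit

# Constructed pattern (assumption for this example): reject four or more
# leading slashes, doubled backslashes, and slash/backslash mixes that
# browsers rewrite into a protocol-relative URL such as //host.
REDIRECT_VALIDATE_RE = re.compile(r"^/{4,}|\\{2,}|^/\\|^\\/")


def netloc_only_check(url: str) -> bool:
    """Pre-fix style: accept the URL as local when urlsplit sees no host."""
    parts = urlsplit(url)
    return parts.scheme == "" and parts.netloc == ""


def hardened_check(url: str) -> bool:
    """Post-fix style: regex screen for browser-normalized forms, then the
    same netloc check as before."""
    if REDIRECT_VALIDATE_RE.search(url):
        return False
    return netloc_only_check(url)


# Constructed sample inputs; hosts are placeholders, not real targets.
SAMPLE_URLS = [
    "/dashboard",            # ordinary relative path
    "https://evil.example/", # absolute URL, caught by both checks
    "//evil.example",        # protocol-relative, caught by both checks
    "////evil.example",      # empty netloc for urlsplit, //host for a browser
    "/\\evil.example",       # slash + backslash, normalized by browsers
]


def evaluate(urls=SAMPLE_URLS) -> dict:
    """Map each URL to (netloc_only_result, hardened_result)."""
    return {u: (netloc_only_check(u), hardened_check(u)) for u in urls}


if __name__ == "__main__":
    for url, (weak, strong) in evaluate().items():
        print(f"{url!r:24} netloc-only={weak!s:5} hardened={strong}")
```

Running the block shows the two multi-slash and backslash inputs pass the netloc-only check but fail the hardened one, which is the gap the patch closes.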