Unknown · Allauth-Django · CVE-2026-27982
**Name of the Vulnerable Software and Affected Versions**
django-allauth versions prior to 65.14.1
**Description**
An open redirect issue exists when SAML IdP initiated SSO is enabled, which is disabled by default. This may allow an attacker to redirect users to an arbitrary external website through a crafted URL.
**Recommendations**
Update to django-allauth version 65.14.1 or later.