Humblelado

**Name of the Vulnerable Software and Affected Versions** Submitty versions 20.04.01 and earlier **Description** The issue is related to an open redirect via the "authentication/login?old=" endpoint during an invalid login attempt. **Recommendations** For Submitty versions 20.04.01 and earlier, as a temporary workaround, consider restricting access to the "authentication/login?old=" endpoint until a patch is available.