Zope · Products.PluggableAuthService · CVE-2021-21337
**Name of the Vulnerable Software and Affected Versions**
Products.PluggableAuthService versions prior to 2.6.1
**Description**
The issue is an open redirect vulnerability, where a maliciously crafted link to the login form and login functionality could redirect the browser to a different website.
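
The same-site check that closes this class of bug in a login flow, as an added example that is not taken from the advisory or from the Products.PluggableAuthService code base. The function names, the `fallback` parameter and the host `portal.example.org` are assumptions made for illustration.

```python
from urllib.parse import urlsplit

def is_safe_redirect(target, site_host, site_scheme="https"):
    """True only if `target` keeps the browser on the site that served the login form."""
    if not isinstance(target, str) or not target or target != target.strip():
        return False
    # Browsers treat "\" like "/" and drop tabs/newlines inside URLs, so
    # "/\evil.example" or "/<TAB>/evil.example" would otherwise leave the site.
    if "\\" in target or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. a malformed IPv6 literal in the host part
        return False
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept an absolute path, never "//host/..."
        return target.startswith("/") and not target.startswith("//")
    # Absolute URL: scheme and host[:port] must match this site exactly, which
    # also rejects "https://site@other-host/" and non-HTTP schemes.
    return (parts.scheme.lower() == site_scheme
            and parts.netloc.lower() == site_host.lower())

def login_redirect_target(requested, site_host, fallback="/"):
    """Return the post-login destination, falling back when it is off-site."""
    return requested if is_safe_redirect(requested, site_host) else fallback

# Constructed sample values for a site served at https://portal.example.org
SAMPLES = [
    "/folder/document",
    "https://portal.example.org/folder",
    "https://evil.example/login",
    "//evil.example/login",
    "/\\evil.example",
    "https://portal.example.org@evil.example/",
    "javascript:void(0)",
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(f"{value!r:45} -> {login_redirect_target(value, 'portal.example.org')!r}")
```

Only the first two sample values are returned unchanged; every other one is replaced by the fallback path.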
**Recommendations**
For versions prior to 2.6.1, update to version 2.6.1 by changing the buildout version pin to `2.6.1` and re-running the buildout, or by using `pip install "Products.PluggableAuthService>=2.6.1"`.