Unknown · Django-Grappelli · CVE-2021-46898
**Name of the Vulnerable Software and Affected Versions**
django-grappelli versions prior to 2.15.2
**Description**
The issue arises from the `views/switch.py` file in django-grappelli, which attempts to prevent external redirection by checking whether a URL starts with `/`. This check does not account for protocol-relative URLs such as `//example.com`: they also start with `/`, but a browser resolves them to a different host, so a redirect to an external site passes the check.
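The following added example (not django-grappelli's code) puts the prefix check described above next to a stricter, standard-library-only check and shows which inputs they disagree on. The function names and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample redirect targets; only //example.com comes from the advisory.
SAMPLES = [
    "/admin/",
    "/admin/auth/user/?o=1",
    "//example.com",
    "//example.com/admin/",
    "https://example.com/",
]


def prefix_check(url: str) -> bool:
    """The check as the description states it: accept anything starting with '/'."""
    return url.startswith("/")


def is_local_path(url: str) -> bool:
    """Hypothetical stricter check: accept only a path on the current host."""
    if not url.startswith("/") or url.startswith("//"):
        return False
    # Browsers normalise backslashes and drop control characters, so a value
    # containing them may resolve differently from how it parses here.
    if "\\" in url or any(ord(c) < 0x20 or ord(c) == 0x7F for c in url):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    return parts.scheme == "" and parts.netloc == ""


def compare(urls):
    """Return (url, prefix_check result, is_local_path result) for each input."""
    return [(u, prefix_check(u), is_local_path(u)) for u in urls]


def wrongly_accepted(urls):
    """URLs the prefix check lets through but that leave the current host."""
    return [u for u, loose, strict in compare(urls) if loose and not strict]


if __name__ == "__main__":
    for url, loose, strict in compare(SAMPLES):
        print(f"{url!r:28} prefix_check={loose!s:5} is_local_path={strict}")
```

In a Django project, `django.utils.http.url_has_allowed_host_and_scheme` performs this kind of validation and is preferable to a hand-written check.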
**Recommendations**
Update to version 2.15.2 or later to resolve the issue. As a temporary workaround until the patched version can be installed, consider restricting the use of the `views/switch.py` file.