Web2Py · Web2Py · CVE-2026-25198
**Name of the Vulnerable Software and Affected Versions**
web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior
**Description**
The software contains an open redirect issue. Successful exploitation could allow a user to be redirected to a website chosen by an attacker when accessing a crafted URL, potentially leading to a phishing attack.
**Recommendations**
Update web2py to a version later than 2.27.1-stable+timestamp.2023.11.16.08.03.57.
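
To check an inventory against the affected range above, the following added example (not part of the advisory or of web2py's own code) parses version strings in the format the advisory uses and flags those at or below the last affected release. The optional `Version ` prefix and every sample string other than the advisory's own are assumptions constructed for illustration.

```python
import re

# Last affected release, copied verbatim from the advisory.
LAST_AFFECTED = "2.27.1-stable+timestamp.2023.11.16.08.03.57"

# Assumption: the string may carry a leading "Version " label.
_VERSION_RE = re.compile(
    r"^(?:Version\s+)?(\d+)\.(\d+)\.(\d+)-[A-Za-z0-9]+"
    r"\+timestamp\.(\d{4})\.(\d{2})\.(\d{2})\.(\d{2})\.(\d{2})\.(\d{2})$"
)


def parse_version(text):
    """Return ((major, minor, patch), (Y, M, D, h, m, s)) for ordering."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised web2py version string: {text!r}")
    numbers = [int(group) for group in match.groups()]
    return tuple(numbers[:3]), tuple(numbers[3:])


def is_affected(text):
    """True when the version is the last affected release or older."""
    return parse_version(text) <= parse_version(LAST_AFFECTED)


def audit(inventory):
    """Map host -> 'affected', 'not affected' or 'unparsed' (review by hand)."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = "affected" if is_affected(version) else "not affected"
        except ValueError:
            report[host] = "unparsed"
    return report


# Constructed inventory: host names and all but the first version are made up.
SAMPLE_INVENTORY = {
    "app-01": "2.27.1-stable+timestamp.2023.11.16.08.03.57",
    "app-02": "Version 2.14.6-stable+timestamp.2016.05.10.00.21.47",
    "app-03": "2.27.1-stable+timestamp.2023.11.17.00.00.00",
    "app-04": "2.27",
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Strings that do not match the expected format are reported as `unparsed` rather than assumed safe, so they can be reviewed manually.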