CVE-2021-23401

Name of the Vulnerable Software and Affected Versions Flask-User versions all

Description The issue affects the make safe url function, allowing an attacker to bypass URL validation and redirect a user to an arbitrary URL by providing multiple backslashes, such as /////evil.com/path or evil.com/path. This is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behavior of Werkzeug is modified using autocorrect location header=False.

Recommendations As a temporary workaround, consider disabling the make safe url function until a patch is available. Restrict access to the make safe url function to minimize the risk of exploitation. Avoid using the make safe url function with alternative WSGI servers or modified Werkzeug behavior until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.