PT-2026-6981 · Mwielgoszewski · Doorman

Racerz · Published 2026-02-08 · Updated 2026-04-06 · CVE-2026-2153

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

mwielgoszewski doorman versions prior to 0.7

Description

A flaw exists in the is_safe_url function within the doorman/users/views.py file. Manipulation of the Next argument can result in an open redirect. This issue can be exploited remotely. The exploit has been publicly disclosed.

Recommendations

Update to version 0.7 or later. As a temporary workaround, consider restricting or validating the Next parameter to prevent redirection to untrusted URLs.
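
One way to apply the validation workaround, as an added example that is not Doorman's own code or the 0.7 fix: a strict check that accepts only same-site paths and falls back to a default otherwise. The function names, the default path and the sample inputs are hypothetical and constructed for illustration.

```python
from urllib.parse import urlsplit


def is_local_redirect_target(target):
    """Return True only for a same-site path such as /manage/nodes?page=2.

    Policy (an assumption of this example): absolute URLs are rejected even
    when they name the application's own host, so the check does not depend
    on a Host header or on how a browser resolves an ambiguous URL.
    """
    if not isinstance(target, str) or not target:
        return False
    # Browsers drop tabs and newlines and treat "\" like "/", so a value
    # containing them can resolve differently from how the server parsed it.
    if any(ord(ch) <= 0x20 or ord(ch) == 0x7F or ch == "\\" for ch in target):
        return False
    # Must be an absolute path; "//host" and "///host" are read as a host.
    if not target.startswith("/") or target.startswith("//"):
        return False
    parts = urlsplit(target)
    return parts.scheme == "" and parts.netloc == ""


def safe_next(target, default="/"):
    """Return the redirect target to use: the requested one or the default."""
    return target if is_local_redirect_target(target) else default


if __name__ == "__main__":
    # Constructed sample values for the redirect parameter.
    samples = [
        "/manage/nodes?page=2",
        "https://attacker.example/",
        "//attacker.example/",
        "///attacker.example/",
        "/\\attacker.example",
        "https://doorman.example.test@attacker.example/",
        "",
    ]
    for value in samples:
        print(repr(value), "->", safe_next(value))
```

Rejected values fall back to the default path rather than raising, so a login flow still completes.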

Exploit

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2026-2153

Affected Products

Doorman