Description
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they should not be, which is an open redirect vulnerability. In addition, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and places such a URL into a link, the application could also be exposed to an XSS attack.
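The parsing quirk behind the numeric-URL case, with a vulnerable check next to a hardened one, as an added example that is not Django's own ``is_safe_url()`` code: ``_legacy_split`` models the older ``urlsplit()`` behaviour that treated ``http:`` followed only by digits as a path rather than a scheme, and the host ``app.example`` and the sample URLs are constructed for the demonstration.

```python
import re
from urllib.parse import urlsplit

# Scheme grammar from RFC 3986: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
_SCHEME_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.-]*):")


def _legacy_split(url):
    """Model (an assumption, not Django's code) of the parser behaviour behind
    the bug: when everything after 'scheme:' is digits, the scheme is not
    recognised and the whole string comes back as a bare path."""
    m = _SCHEME_RE.match(url)
    if m and url[m.end():].isdigit():
        return "", "", url  # scheme, netloc, path
    parts = urlsplit(url)
    return parts.scheme, parts.netloc, parts.path


def is_safe_url_legacy(url, host):
    """Vulnerable check: trusts the parser's scheme detection, so a numeric
    URL such as 'http:999999999' looks like a relative path and passes,
    although a browser resolves it to an absolute http:// address."""
    scheme, netloc, _ = _legacy_split(url)
    return (not netloc or netloc == host) and (not scheme or scheme in ("http", "https"))


def is_safe_url_fixed(url, host):
    """Hardened check: detects the scheme with the RFC 3986 grammar itself,
    so a numeric remainder cannot hide it, and refuses any URL that carries a
    scheme without an authority or an authority other than the expected host."""
    if not url:
        return False
    m = _SCHEME_RE.match(url)
    scheme = m.group(1).lower() if m else ""
    parts = urlsplit(url)
    if scheme and scheme not in ("http", "https"):
        return False  # javascript:, data:, ftp:, ... never a valid redirect target
    if scheme and not parts.netloc:
        return False  # http:999999999 or http:///x: the browser picks a host we never checked
    if parts.netloc and parts.netloc != host:
        return False  # //other.example or http://other.example: off-site redirect
    return True


if __name__ == "__main__":
    for candidate in ("/accounts/profile/", "http:999999999", "//evil.example/"):
        print(f"{candidate!r:24} legacy={is_safe_url_legacy(candidate, 'app.example')!s:5} "
              f"fixed={is_safe_url_fixed(candidate, 'app.example')}")
```

The legacy check accepts ``http:999999999`` while the hardened one rejects it; both still accept ordinary relative paths and same-host absolute URLs.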
Remediation
References