Description
In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation.
Remediation
References
Related Vulnerabilities
Joomla! Core 1.5.x Multiple SQL Injection Vulnerabilities (1.5.0 - 1.5.21)
WordPress Plugin OneLogin SAML SSO Unspecified Vulnerability (2.1.8)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0799)
WordPress Plugin Knews Multilingual Newsletters SQL Injection (1.7.0)