[Security] Unvalidated Redirect in login page
Opened this issue · 0 comments
richcocks commented
Hi,
If I were to link to dbpatterns with this url: http://dbpatterns.com/accounts/login/?next=//malicious.example.com
Then after logging in you are redirected to malicious.example.com.