mwielgoszewski Doorman Open Redirect Vulnerability
Vulnerability
An open redirect vulnerability has been identified in mwielgoszewski Doorman versions through 0.6. The issue arises in the 'is_safe_url' function within 'doorman/users/views.py', where improper validation of the 'next' parameter can be exploited to redirect users to external malicious sites. This vulnerability can be exploited remotely, and a public proof-of-concept is available.
Impact
Exploitation of this vulnerability results in an open redirect: an attacker can craft a link on the trusted Doorman host that sends the user to an external site of the attacker's choosing, which can lend credibility to phishing attacks.
Reproduction
To reproduce this vulnerability, access the '/login' route and manipulate the 'next' parameter by adding multiple leading slashes before an external domain (e.g., '/////////www.google.com'). The server will process the request and, due to the flawed URL validation, redirect the user to the specified external site.
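As an added illustration (not Doorman's code; the project's actual 'is_safe_url' implementation is not shown in this advisory), the Python below contrasts a naive same-origin check with a hardened one, using a hypothetical application host 'doorman.example'. It shows why a value such as '/////www.google.com' slips past a parser-based check while a browser still treats it as a link to www.google.com.

```python
from urllib.parse import urlsplit

# Hypothetical application host used by the checks below (not from the advisory).
APP_HOST = "doorman.example"


def is_safe_url_naive(target: str) -> bool:
    """Vulnerable pattern (constructed): treat anything without a scheme or
    host as a same-site path. urlsplit() only reads an authority after
    exactly two leading slashes, so '/////www.google.com' comes back with an
    empty netloc and passes, while a browser collapses the run of slashes
    and navigates to www.google.com."""
    parts = urlsplit(target)
    return not parts.scheme and not parts.netloc


def is_safe_url_hardened(target: str, allowed_host: str = APP_HOST) -> bool:
    """Accept only same-site paths or absolute http(s) URLs on allowed_host."""
    if not target:
        return False
    # Whitespace and control characters are parsed differently by browsers
    # and server-side libraries; refuse them outright.
    if any(ch in target for ch in " \t\r\n\x00"):
        return False
    # Browsers treat '\' like '/' in http(s) URLs, so normalise before checking.
    normalised = target.replace("\\", "/")
    # Anything starting with two or more slashes is scheme-relative to a
    # browser, whatever urlsplit() makes of it: reject before parsing.
    if normalised.startswith("//"):
        return False
    parts = urlsplit(normalised)
    if parts.scheme:
        # Absolute URL: must be http(s) and point exactly at our own host
        # (comparing the full netloc also rejects 'host@evil' and port tricks).
        return parts.scheme in ("http", "https") and parts.netloc == allowed_host
    # No scheme and no leading '//': a plain path such as '/dashboard?x=1'.
    return True


def safe_redirect_target(next_param: str, fallback: str = "/") -> str:
    """What a login view should do with 'next': honour it only when it is safe."""
    return next_param if is_safe_url_hardened(next_param) else fallback
```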
