Medium severity6.1NVD Advisory· Published Mar 26, 2017· Updated Jun 17, 2026
CVE-2017-7266
CVE-2017-7266
Description
Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
security_monkeyPyPI | < 0.8.0 | 0.8.0 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/Netflix/security_monkey/commit/3b4da13efabb05970c80f464a50d3c1c12262466nvdPatchThird Party AdvisoryWEB
- github.com/Netflix/security_monkey/pull/482nvdThird Party AdvisoryWEB
- github.com/Netflix/security_monkey/releases/tag/v0.8.0nvdRelease NotesThird Party AdvisoryWEB
- github.com/advisories/GHSA-j6jq-3q8p-xgg6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-7266ghsaADVISORY
- web.archive.org/web/20201220170714/http://www.securityfocus.com/bid/97088ghsaWEB
- www.securityfocus.com/bid/97088nvd
News mentions
0No linked articles in our index yet.