Moderate severityNVD Advisory· Published Mar 5, 2023· Updated Mar 7, 2025
CVE-2023-22432
CVE-2023-22432
Description
Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
web2pyPyPI | < 2.23.1 | 2.23.1 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-w4r7-vm83-q2c7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-22432ghsaADVISORY
- web2py.comghsaWEB
- web2py.com/init/default/downloadghsaWEB
- jvn.jp/en/jp/JVN78253670ghsaWEB
- web2py.commitre
- jvn.jp/en/jp/JVN78253670/mitre
News mentions
0No linked articles in our index yet.