VYPR
Medium severity6.1NVD Advisory· Published Jul 29, 2024· Updated Jun 17, 2026

CVE-2024-41810

CVE-2024-41810

Description

Twisted is an event-based framework for internet applications, supporting Python 3.6+. The twisted.web.util.redirectTo function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. This vulnerability is fixed in 24.7.0rc1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
twistedPyPI
< 24.7.0rc124.7.0rc1

Affected products

29

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.