Low severity · NVD Advisory · Published Jan 8, 2025 · Updated Apr 15, 2026
CVE-2024-53995
Description
SickChill is an automatic video library manager for TV shows. A user-controlled login endpoint's next_ parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open redirect. Commit c7128a8946c3701df95c285810eb75b2de18bf82 changes the login page to redirect to settings.DEFAULT_PAGE instead of to the next parameter.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| sickchill (PyPI) | <= 2024.3.1 | — |
Patches
- c7128a8946c3
Vulnerability mechanics
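The redirect handling described above, as an added Python example (not SickChill's code or the fix commit's diff). The function names, the `DEFAULT_PAGE` value and the sample inputs are assumptions; `target_local_only` goes beyond the fix to show a same-origin path check for applications that must keep a return-to-page parameter.

```python
from urllib.parse import urlsplit

DEFAULT_PAGE = "/home/"  # assumed placeholder for settings.DEFAULT_PAGE


def target_unsafe(next_):
    # Pre-fix pattern described in the advisory: the parameter is trusted as-is.
    return next_ or DEFAULT_PAGE


def target_fixed(next_):
    # Approach the advisory attributes to the fix commit: ignore the parameter.
    return DEFAULT_PAGE


def target_local_only(next_):
    # Alternative (not the project's fix): accept only absolute paths
    # that stay on the same origin.
    if not next_ or not next_.startswith("/") or next_.startswith("//"):
        return DEFAULT_PAGE  # empty, relative, or scheme-relative ("//host")
    if any(c == "\\" or ord(c) < 0x20 for c in next_):
        return DEFAULT_PAGE  # browsers read "\" as "/" and drop tab/CR/LF
    parts = urlsplit(next_)
    if parts.scheme or parts.netloc:
        return DEFAULT_PAGE  # belt and braces: no scheme or host may survive
    return next_


# Constructed sample values for the parameter, not taken from the advisory.
SAMPLES = [
    "/config/general/",
    "https://other.example/login",
    "//other.example/",
    "/\\other.example/",
    "/\t/other.example/",
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(repr(value), "->", target_unsafe(value), "|",
              target_fixed(value), "|", target_local_only(value))
```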
References
- github.com/advisories/GHSA-6gf2-ffq8-gcww (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2024-53995 (ghsa, ADVISORY)
- securitylab.github.com/advisories/GHSL-2024-283_GHSL-2024-291_sickchill_sickchill (ghsa, ADVISORY)
- github.com/SickChill/sickchill/blob/846adafdfab579281353ea08a27bbb813f9a9872/sickchill/views/authentication.py (nvd, WEB)
- github.com/SickChill/sickchill/commit/c7128a8946c3701df95c285810eb75b2de18bf82 (nvd, WEB)
- github.com/SickChill/sickchill/pull/8811 (nvd, WEB)
- securitylab.github.com/advisories/GHSL-2024-283_GHSL-2024-291_sickchill_sickchill/ (nvd)