Tornado URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2023-28370 - Vulnerability Database

Tornado URL Redirection to Untrusted Site (Open Redirect) Vulnerability - CVE-2023-28370

Medium

Reference: CVE-2023-28370

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-28370

Title: Tornado URL Redirection to Untrusted Site (Open Redirect) Vulnerability

Overview:

Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.