mwielgoszewski doorman views.py is_safe_url redirect_CVE-2026-2153

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

Basic Information

ID CVE-2026-2153

Source VulDB

Published Feb 8, 2026 at 13:02

Affected Product

Vendor mwielgoszewski

Product doorman

Version 0.1

Affected Versions mwielgoszewski doorman 0.1
mwielgoszewski doorman 0.2
mwielgoszewski doorman 0.3
mwielgoszewski doorman 0.4
mwielgoszewski doorman 0.5
mwielgoszewski doorman 0.6

CWE Classification

CWE-601

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2026-02-08T13:02:06.622Z",
    "modified": "2026-02-08T13:02:06.622Z",
    "type": "cve",
    "title": "mwielgoszewski doorman views.py is_safe_url redirect",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344855\nhttps://vuldb.com/?ctiid.344855\nhttps://vuldb.com/?submit.748072\nhttps://gist.github.com/RacerZ-fighting/39f230feb0e450ae54f0a80c63c5d924",
    "id": "CVE-2026-2153",
    "bulletinFamily": "",
    "cwe": [
        "CWE-601"
    ],
    "cvelist": null,
    "sourceData": "mwielgoszewski doorman 0.1\nmwielgoszewski doorman 0.2\nmwielgoszewski doorman 0.3\nmwielgoszewski doorman 0.4\nmwielgoszewski doorman 0.5\nmwielgoszewski doorman 0.6",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "doorman",
    "version": "0.1",
    "vendor": "mwielgoszewski",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}