CVE-2026-25198 – Web2py Open Redirect Vulnerability

CVE ID : CVE-2026-25198

Published : Feb. 5, 2026, 8:16 a.m. | 1 hour, 2 minutes ago

Description : web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.

Severity: 5.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…