Twisted is an event-based framework for internet applications, supporting Python 3.6+. The twisted.web.util.redirectTo function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. This vulnerability is fixed in 24.7.0rc1.
1.0.11.0.31.0.41.0.51.0.61.0.71.1.01.1.11.2.010.0.0+89 more24.7.0rc1046a164f89a0f08d3239ecebd750360f8914df33Exploitability
AV:NAC:LPR:NUI:RScope
S:CImpact
C:LI:LA:NCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N