{"id":"PYSEC-2026-112","details":"Products.isurlinportal is a replacement for the isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, it is vulnerable to an open redirect: a login URL such as /login?came_from=////evil.example, whose came_from value is a scheme-relative URL with extra leading slashes, may be accepted as an in-portal URL and redirect the user to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0; deployments should upgrade, and as defense in depth may reject or normalize came_from values that begin with two or more slashes.","aliases":["CVE-2026-28413","GHSA-43gx-6gv6-3jcp"],"modified":"2026-05-20T09:19:11.857191Z","published":"2026-03-05T21:16:22.023Z","references":[{"type":"ADVISORY","url":"https://github.com/plone/Products.isurlinportal/security/advisories/GHSA-43gx-6gv6-3jcp"}],"affected":[{"package":{"name":"products-isurlinportal","ecosystem":"PyPI","purl":"pkg:pypi/products-isurlinportal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.0"},{"introduced":"3.0.0"},{"fixed":"3.1.0"}]}],"versions":["1.0.0","1.1.0","1.1.1","1.2.0","1.2.1","2.0.0","2.0.1","2.0.2","2.0.3","3.0.0","3.0.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/products-isurlinportal/PYSEC-2026-112.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}