Description
A vulnerability has been identified in mwielgoszewski doorman up to and including version 0.6. It affects the function is_safe_url in the file doorman/users/views.py. Manipulating the next argument can lead to an open redirect. The attack can be launched remotely. An exploit has been publicly disclosed and may be used.
Published: 2026-02-08
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Open Redirect
Action: Apply Patch
AI Analysis

Impact

The flaw is in the is_safe_url function in doorman/users/views.py, which is meant to confirm that a redirect target taken from the next argument stays on the application's own origin (CWE-601, URL Redirection to Untrusted Site). Because that check can be bypassed by a crafted next value, an unauthenticated remote attacker can build a link into the application that, once a victim follows it, sends the victim on to an attacker-controlled site. The redirect is issued by a trusted host, which makes it useful for credential phishing and for delivering malicious content.

Affected Systems

The issue affects mwielgoszewski doorman up to and including version 0.6; every release up to that version should be considered exposed. The CPE recorded for this CVE carries no version bound, so check the installed version directly rather than relying on CPE matching alone.

Risk and Exploitability

The 5.3 (Medium) score is the CVSS v4.0 base score; the v3.1 base score is 4.3. In both vectors the attack is network-reachable with low complexity and needs no privileges (PR:N), but it does require user interaction (UI:R in v3.1, UI:P in v4.0): a victim must follow a link carrying the malicious next value. Integrity impact is low; confidentiality and availability are unaffected. The EPSS score below 1 % reflects a very low probability of exploitation at present, the flaw is not listed in the CISA KEV catalogue, and the SSVC assessment records exploitation as proof-of-concept and the attack as not automatable. Because an exploit has been publicly disclosed, the redirect is a ready-made lure for credential phishing or malware delivery under the application's own domain.

Generated by OpenCVE AI on April 17, 2026 at 21:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a release of doorman that fixes is_safe_url as soon as one is published; at the time of writing no vendor fix or workaround is listed for this CVE, so verify the fix in the project's commit history before relying on a version number.
  • Until then, tighten the redirect validation yourself. doorman is a Flask application, so Django's URL helpers do not apply directly: resolve the next value against request.host_url, accept it only when the resulting scheme is http or https and the netloc matches the application's own host, and reject backslashes and protocol-relative forms such as //evil.example, which browsers treat as absolute URLs.
  • Alternatively, remove the next query argument from the redirect logic altogether and redirect to a fixed post-login page, which eliminates the attack vector entirely.
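The following is an added example, not doorman's own code and not the vulnerable is_safe_url from doorman/users/views.py. It illustrates the Impact section and the validation step above in one place: weak_is_safe_url is a hypothetical weak check of the kind that lets a crafted next value through, and is_safe_url is a hardened replacement that resolves the candidate against the application's own host URL and accepts only same-origin http(s) targets. HOST_URL, the function names, and the sample next values are constructed for the demonstration; HOST_URL stands in for Flask's request.host_url so the module runs offline.

```python
"""Illustrative open-redirect check for a Flask-style login flow.

Added example, not doorman's own code. weak_is_safe_url() shows a common
mistaken pattern (CWE-601); is_safe_url() is a hardened replacement that
resolves the candidate against the application's own host URL and accepts
only http(s) targets on the same host:port. host_url stands in for Flask's
request.host_url so the module runs offline.
"""
from urllib.parse import urljoin, urlsplit

# Constructed sample: the origin the application believes it is served from
# (in Flask this would be request.host_url).
HOST_URL = "https://doorman.example/"


def weak_is_safe_url(target: str) -> bool:
    """Hypothetical weak check, NOT doorman's code: 'starts with /' looks
    like a relative path, but '//evil.example/...' also starts with '/' and
    browsers resolve it as a protocol-relative absolute URL, so the victim
    is sent off-site."""
    return target.startswith("/")


def is_safe_url(host_url: str, target: str) -> bool:
    """Return True only if target resolves to http(s) on the same host:port
    as host_url."""
    if not target:
        return False
    # Reject control characters and whitespace: browsers strip or tolerate
    # them while Python's parser may not, and the two must never disagree.
    if any(ord(ch) < 0x21 or ord(ch) == 0x7F for ch in target):
        return False
    # Browsers treat backslashes as slashes ('/\\evil.example'), and WHATWG
    # parsing collapses '///evil.example' to 'https://evil.example/' while
    # urljoin keeps it on the local host. Reject both shapes up front.
    if "\\" in target or target.startswith("//"):
        return False
    ref = urlsplit(host_url)
    test = urlsplit(urljoin(host_url, target))
    return test.scheme in ("http", "https") and test.netloc == ref.netloc


def redirect_target(host_url: str, target: str, fallback: str = "/") -> str:
    """Destination a login handler should actually redirect to."""
    return target if is_safe_url(host_url, target) else fallback


# Constructed sample values for the next parameter, as an attacker might
# place them in a crafted login link.
SAMPLE_NEXT_VALUES = [
    "/dashboard",
    "https://doorman.example/hosts",
    "//evil.example/phish",
    "https://evil.example/",
    "https://doorman.example.evil.net/",
    "/\\evil.example",
    "///evil.example",
    "javascript:alert(1)",
]


def compare_checks(host_url: str = HOST_URL) -> dict:
    """Run both checks over the samples; the pairs where the first element
    is True and the second False are the bypasses of the weak check."""
    return {t: (weak_is_safe_url(t), is_safe_url(host_url, t))
            for t in SAMPLE_NEXT_VALUES}


if __name__ == "__main__":
    for target, (weak, strong) in compare_checks().items():
        print(f"{target!r:40} weak={weak!s:5} hardened={strong}")
```

The netloc comparison is deliberately exact, so a target on a different port or on a lookalike subdomain such as doorman.example.evil.net is rejected along with plain off-site URLs; if the application is served behind a proxy, make sure request.host_url reflects the external host and scheme before relying on it.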


Tracking


Advisories

No advisories yet.

History

Thu, 05 Mar 2026 21:30:00 +0000

Type: CPEs
Values Added: cpe:2.3:a:mwielgoszewski:doorman:*:*:*:*:*:*:*:*

Tue, 10 Feb 2026 20:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Feb 2026 11:00:00 +0000

Type: First Time appeared
Values Added: Mwielgoszewski; Mwielgoszewski doorman
Type: Vendors & Products
Values Added: Mwielgoszewski; Mwielgoszewski doorman

Sun, 08 Feb 2026 13:15:00 +0000

Type: Description
Values Added: A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Type: Title
Values Added: mwielgoszewski doorman views.py is_safe_url redirect
Type: Weaknesses
Values Added: CWE-601
Type: References
Type: Metrics
Values Added:
cvssV2_0 {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}
cvssV3_0 {'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
cvssV3_1 {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:42:07.221Z

Reserved: 2026-02-07T08:18:21.728Z

Link: CVE-2026-2153

Vulnrichment

Updated: 2026-02-10T19:59:29.492Z

NVD

Status : Analyzed

Published: 2026-02-08T13:16:04.657

Modified: 2026-03-05T21:29:17.070

Link: CVE-2026-2153

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T22:00:11Z

Weaknesses