CVE-2026-2153

MEDIUM 4.3

mwielgoszewski doorman views.py is_safe_url redirect

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

CWE	CWE-601
Vendor	mwielgoszewski
Product	doorman
Published	Feb 8, 2026
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for mwielgoszewski doorman

Be the first to know when new medium vulnerabilities affecting mwielgoszewski doorman are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

mwielgoszewski / doorman

0.1 0.2 0.3 0.4 0.5 0.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.344855 vuldb.com: https://vuldb.com/?ctiid.344855 vuldb.com: https://vuldb.com/?submit.748072 gist.github.com: https://gist.github.com/RacerZ-fighting/39f230feb0e450ae54f0a80c63c5d924

Credits

🔍 RacerZ (VulDB User)