{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2153", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-02-07T08:18:21.728Z", "datePublished": "2026-02-08T13:02:06.622Z", "dateUpdated": "2026-02-23T09:42:07.221Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T09:42:07.221Z"}, "title": "mwielgoszewski doorman views.py is_safe_url redirect", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-601", "lang": "en", "description": "Open Redirect"}]}], "affected": [{"vendor": "mwielgoszewski", "product": "doorman", "versions": [{"version": "0.1", "status": "affected"}, {"version": "0.2", "status": "affected"}, {"version": "0.3", "status": "affected"}, {"version": "0.4", "status": "affected"}, {"version": "0.5", "status": "affected"}, {"version": "0.6", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-02-07T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-02-07T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-02-09T06:56:40.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "RacerZ (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.344855", "name": "VDB-344855 | mwielgoszewski doorman views.py is_safe_url redirect", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.344855", "name": "VDB-344855 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.748072", "name": "Submit #748072 | https://github.com/mwielgoszewski/doorman doorman Latest Version (commit 9a9b97c8) Open Redirect", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/RacerZ-fighting/39f230feb0e450ae54f0a80c63c5d924", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-10T19:59:23.297909Z", "id": "CVE-2026-2153", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-10T19:59:32.694Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2153", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-10T19:59:23.297909Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-10T19:59:29.492Z"}}], "cna": {"title": "mwielgoszewski doorman views.py is_safe_url redirect", "credits": [{"lang": "en", "type": "reporter", "value": "RacerZ (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "mwielgoszewski", "product": "doorman", "versions": [{"status": "affected", "version": "0.1"}, {"status": "affected", "version": "0.2"}, {"status": "affected", "version": "0.3"}, {"status": "affected", "version": "0.4"}, {"status": "affected", "version": "0.5"}, {"status": "affected", "version": "0.6"}]}], "timeline": [{"lang": "en", "time": "2026-02-07T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-02-07T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-02-09T06:56:40.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.344855", "name": "VDB-344855 | mwielgoszewski doorman views.py is_safe_url redirect", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.344855", "name": "VDB-344855 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.748072", "name": "Submit #748072 | https://github.com/mwielgoszewski/doorman doorman Latest Version (commit 9a9b97c8) Open Redirect", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/RacerZ-fighting/39f230feb0e450ae54f0a80c63c5d924", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "Open Redirect"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T09:42:07.221Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2153", "state": "PUBLISHED", "dateUpdated": "2026-02-23T09:42:07.221Z", "dateReserved": "2026-02-07T08:18:21.728Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-02-08T13:02:06.622Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mwielgoszewski:doorman:*:*:*:*:*:*:*:*", "matchCriteriaId": "39C5DA64-7533-4ABB-982C-F7BF3D408AB0", "versionEndIncluding": "0.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized."}, {"lang": "es", "value": "Una vulnerabilidad fue determinada en mwielgoszewski doorman hasta 0.6. Este problema afecta la funci\u00f3n is_safe_url del archivo doorman/users/views.py. Ejecutar una manipulaci\u00f3n del argumento Next puede llevar a una redirecci\u00f3n abierta. El ataque puede ser lanzado remotamente. El exploit ha sido divulgado p\u00fablicamente y puede ser utilizado."}], "id": "CVE-2026-2153", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-02-08T13:16:04.657", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://gist.github.com/RacerZ-fighting/39f230feb0e450ae54f0a80c63c5d924"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/?ctiid.344855"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?id.344855"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/?submit.748072"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-17T21:54:19.545390+00:00", "value": {"mitigation_remediation": ["Upgrade to the latest release of doorman, which removes the vulnerable is_safe_url implementation.", "If an upgrade is not immediately available, tighten redirect validation by restricting the Next parameter to a whitelist of approved domains or the same origin using Django\u2019s safe URL utilities.", "Eliminate the use of the Next query argument in redirect logic to prevent the attack vector entirely."], "summary": {"action": "Apply Patch", "impact": "Open Redirect"}, "threat_synthesis": {"affected_systems": "The issue affects the mwielgoszewski doorman application up to version 0.6. Users running any release preceding 0.7 are potentially exposed.", "description_and_impact": "The vulnerability resides in the is_safe_url function within doorman's users/views.py. By tampering with the Next argument, an attacker can forge a redirect to an arbitrary external site, enabling phishing or malicious content delivery. This flaw allows a remote attacker to control the destination URL issued by the application.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity, while the EPSS score of less than 1\u202f% reflects a very low probability of exploitation at present. The flaw is not listed in the CISA KEV database, but public exploit code has been shared and the attack can be carried out remotely. The open\u2011redirect functionality creates an attack surface that could be leveraged for credential phishing or malware delivery, with no authentication or privilege requirement."}}}}, "created": "2026-02-09T10:39:58.883834+00:00", "updated": "2026-04-17T22:00:11.066436+00:00", "vendors": ["mwielgoszewski", "mwielgoszewski$PRODUCT$doorman"]}