Report
CVE-2021-31879: Wget Authorization Header Leak on Cross-Origin Redirects
034ebb5b-24ea-49d9-afb3-7b41f62f1ad5
Wget before 1.21.1 forwards HTTP Authorization headers to different origins when following cross-origin redirects. An attacker-controlled server can respond with a 302 redirect to its own domain and capture the victim's credentials. This is a critical information-leak vulnerability that affects users who authenticate to legitimate websites and are then redirected to attacker-controlled servers.
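The check a redirect-following client has to make before resending credentials, as an added example (not Wget's code or its fix): compare scheme, host and port of the redirect target with the current URL and drop `Authorization` when they differ. The hostnames, the credential value, the redirect table and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit, urljoin

DEFAULT_PORTS = {"http": 80, "https": 443}
REDIRECT_CODES = (301, 302, 303, 307, 308)

def origin(url):
    """Return (scheme, host, port), lower-cased, with the default port filled in."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    return (scheme, (p.hostname or "").lower(), p.port or DEFAULT_PORTS.get(scheme))

def headers_for_redirect(current_url, location, headers):
    """Resolve a Location value; drop Authorization if the origin changes."""
    target = urljoin(current_url, location)  # Location may be relative
    if origin(target) == origin(current_url):
        return target, dict(headers)
    kept = {k: v for k, v in headers.items() if k.lower() != "authorization"}
    return target, kept

def follow(start_url, headers, responses, max_hops=5):
    """Walk a constructed redirect table; return [(url, headers_sent)] per request."""
    sent, url = [], start_url
    for _ in range(max_hops):
        sent.append((url, dict(headers)))
        status, location = responses.get(url, (200, None))
        if status not in REDIRECT_CODES or not location:
            break
        url, headers = headers_for_redirect(url, location, headers)
    return sent

# Constructed sample data: placeholder hosts and a placeholder Basic credential.
RESPONSES = {
    "https://files.example.com/report": (302, "/v2/report"),
    "https://files.example.com/v2/report": (302, "https://mirror.example.net/report"),
}
CREDS = {"Authorization": "Basic dXNlcjpwYXNz", "User-Agent": "demo"}

def demo():
    return follow("https://files.example.com/report", CREDS, RESPONSES)

if __name__ == "__main__":
    for url, hdrs in demo():
        print(url, "-> Authorization sent:", "Authorization" in hdrs)
```

The same-origin hop keeps the header and the cross-origin hop does not; a scheme or port change on the same hostname also counts as a different origin.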