Solutionunvalidated
Wget before 1.21.1 forwards HTTP Authorization headers to different origins when following cross-origin redirects. — when following cross-origin redirects. Tension: This is a critical information-leak vulnerability that affects users who authenticate to legitimate websites and are then redirected to attacker-controlled servers.
ce7adb93-ea9e-4ba1-9816-983af5e3d472
Wget before 1.21.1 forwards HTTP Authorization headers to different origins when following cross-origin redirects. — when following cross-origin redirects. Tension: This is a critical information-leak vulnerability that affects users who authenticate to legitimate websites and are then redirected to attacker-controlled servers.