CVE-2026-27982
Open Redirect in django-allauth SAML IdP Initiated SSO
Publication date: 2026-03-05
Last updated on: 2026-03-09
Assigner: JPCERT/CC
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| allauth | allauth | < 65.14.1 (fixed in 65.14.1) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-27982 is an open redirect (CWE-601) in django-allauth versions before 65.14.1. It is only reachable when SAML Identity Provider (IdP) initiated Single Sign-On (SSO) has been enabled; that mode is disabled by default.
In IdP-initiated SSO the IdP sends the SAML response together with a RelayState value to the service provider, and django-allauth used RelayState as the destination to send the user to after login. Because the value was not validated, an attacker who can get a victim to start an IdP-initiated login with a crafted RelayState can have the freshly authenticated user redirected to an arbitrary external site.
How can this vulnerability impact me?
This vulnerability can impact users by allowing attackers to redirect authenticated users to malicious external websites via crafted URLs.
Such redirections can lead to phishing attacks, credential theft, or exposure to malware, potentially compromising user security and trust.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability occurs when SAML IdP initiated Single Sign-On (SSO) is enabled in django-allauth versions prior to 65.14.1. Detection involves checking if your django-allauth installation is below version 65.14.1 and if the SAML IdP initiated SSO feature is enabled.
You can detect the vulnerable setup by verifying the django-allauth version installed on your system using the following command:
- pip show django-allauth
Then confirm whether any SAML app configured under the SOCIALACCOUNT_PROVIDERS["saml"]["APPS"] setting accepts IdP-initiated SSO. django-allauth documents the advanced SAML setting reject_idp_initiated_sso, which defaults to True; an app whose advanced settings set it to False is the exposed configuration (check the key name against the documentation for your installed version).
To spot exploitation attempts, inspect the RelayState value on requests to the SAML assertion consumer service (ACS) endpoint and flag any that resolve to a host outside your site: absolute URLs to other hosts, scheme-relative //host values, and backslash variants that browsers normalise to //host. With the HTTP-POST binding, RelayState is a form field in the POST body, so it does not appear in access logs that record only the request line; application-level logging of ACS requests is needed.
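The two detection conditions above (installed version below 65.14.1, and at least one SAML app accepting IdP-initiated SSO) combined into one check, as an added example rather than code from django-allauth or from this advisory. It assumes the documented settings layout SOCIALACCOUNT_PROVIDERS["saml"]["APPS"][i]["settings"]["advanced"] and that the advanced key reject_idp_initiated_sso (documented default True) is the switch; the sample settings dict is constructed.

```python
"""Added example, not django-allauth project code: decide whether a deployment is in
the configuration that CVE-2026-27982 affects (django-allauth < 65.14.1 with SAML
IdP-initiated SSO enabled).

Assumptions: the SAML provider settings follow the documented layout
SOCIALACCOUNT_PROVIDERS["saml"]["APPS"][i]["settings"]["advanced"], and the advanced
key `reject_idp_initiated_sso` (documented default True) is the switch that enables
IdP-initiated SSO when set to False. Verify that key against the docs for your version.
"""
import re
from importlib import metadata

FIXED_VERSION = (65, 14, 1)


def parse_version(text):
    """'65.13.0' -> (65, 13, 0). Pre-release suffixes ('65.14.1rc1') are dropped, so a
    pre-release of the fix counts as the fix; short versions are zero-padded."""
    parts = []
    for piece in text.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
        if m.end() != len(piece):  # stop at the first non-numeric suffix
            break
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def version_is_affected(version_text):
    """True for every release below 65.14.1."""
    return parse_version(version_text) < FIXED_VERSION


def idp_initiated_apps(saml_provider_settings):
    """provider_ids of SAML apps that accept IdP-initiated SSO (reject_... set to False)."""
    found = []
    for app in saml_provider_settings.get("APPS", []):
        advanced = app.get("settings", {}).get("advanced", {})
        if not advanced.get("reject_idp_initiated_sso", True):
            found.append(app.get("provider_id", app.get("client_id", "<unnamed>")))
    return found


def assess(version_text, socialaccount_providers):
    """Only the conjunction of both conditions is the vulnerable state."""
    exposed = idp_initiated_apps(socialaccount_providers.get("saml", {}))
    affected = version_is_affected(version_text)
    return {
        "version": version_text,
        "version_affected": affected,
        "idp_initiated_apps": exposed,
        "vulnerable": affected and bool(exposed),
    }


def installed_version():
    """Version of the installed django-allauth distribution, or None if it is absent."""
    try:
        return metadata.version("django-allauth")
    except metadata.PackageNotFoundError:
        return None


# Constructed sample of a SOCIALACCOUNT_PROVIDERS value, as it would sit in settings.py.
SAMPLE_PROVIDERS = {
    "saml": {
        "APPS": [
            {   # IdP-initiated SSO explicitly switched on: exposed
                "provider_id": "corp-idp", "name": "Corp IdP", "client_id": "corp",
                "settings": {"advanced": {"reject_idp_initiated_sso": False}},
            },
            {   # default left in place: IdP-initiated SSO rejected
                "provider_id": "partner-idp", "name": "Partner IdP", "client_id": "partner",
                "settings": {"advanced": {}},
            },
        ]
    }
}

if __name__ == "__main__":
    # Use the real installed version when available, else a constructed one for the demo.
    print(assess(installed_version() or "65.13.0", SAMPLE_PROVIDERS))
```

Run it from a shell with the project's virtualenv active so installed_version() sees the real package, and pass the project's actual SOCIALACCOUNT_PROVIDERS instead of SAMPLE_PROVIDERS (for example from a Django shell after settings are loaded).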
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to update django-allauth to version 65.14.1 or later, where this open redirect vulnerability has been fixed.
If you are not using SAML IdP initiated SSO, ensure that this feature remains disabled, as it is disabled by default and the vulnerability only manifests when it is enabled.
Review your application's handling of the SAML RelayState value: treat it as untrusted input and redirect to it only after validating that it points to a path or host on your own site, falling back to a fixed internal page otherwise.
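The RelayState guard described above, as an added example that is not django-allauth's code and does not reproduce how 65.14.1 itself fixes the issue. The host and scheme rules mirror those of Django's url_has_allowed_host_and_scheme, reimplemented here so the file runs without Django; the allowed host and the RelayState values are constructed samples. The triage helper at the end also serves the detection step, classifying RelayState values captured from ACS requests.

```python
"""Added example, not django-allauth code: treat SAML RelayState as untrusted and only
redirect to it when it stays on the site (the generic CWE-601 guard). The check mirrors
the host/scheme rules Django's url_has_allowed_host_and_scheme applies, reimplemented
here so the file runs without Django. Host names and RelayState values are constructed."""
import unicodedata
from urllib.parse import urlsplit


def _same_site(url, allowed_hosts, require_https):
    if url.startswith("///"):                     # browsers treat '///evil' as absolute
        return False
    try:
        parts = urlsplit(url)
    except ValueError:                            # e.g. malformed IPv6 literal
        return False
    if parts.scheme and not parts.netloc:         # 'javascript:...', 'http:///evil.example'
        return False
    if unicodedata.category(url[0])[0] == "C":    # leading control char: browsers may strip it
        return False
    scheme = parts.scheme or ("http" if parts.netloc else "")  # '//host' is scheme-relative
    valid = {"https"} if require_https else {"http", "https"}
    return (not parts.netloc or parts.netloc in allowed_hosts) and (not scheme or scheme in valid)


def is_safe_relay_state(relay_state, allowed_hosts, require_https=True):
    """Accept relative paths and absolute URLs on allowed_hosts; reject everything else,
    including backslash variants such as '/\\evil.example' that browsers read as '//'."""
    if relay_state is None:
        return False
    url = relay_state.strip()
    if not url:
        return False
    return _same_site(url, allowed_hosts, require_https) and _same_site(
        url.replace("\\", "/"), allowed_hosts, require_https
    )


def post_login_target(relay_state, allowed_hosts, fallback="/"):
    """What the ACS handler should redirect to: the RelayState if safe, else fallback."""
    if is_safe_relay_state(relay_state, allowed_hosts):
        return relay_state.strip()
    return fallback


def triage_relay_states(values, allowed_hosts):
    """Split RelayState values seen on ACS requests into same-site and off-site targets;
    off-site ones are what an exploitation attempt against an unpatched install looks like."""
    same_site = [v for v in values if is_safe_relay_state(v, allowed_hosts)]
    off_site = [v for v in values if not is_safe_relay_state(v, allowed_hosts)]
    return {"same_site": same_site, "off_site": off_site}


ALLOWED_HOSTS = {"app.example.com"}  # constructed

# Constructed RelayState values as they might be captured from ACS POST bodies.
OBSERVED = [
    "/accounts/profile/",
    "https://app.example.com/reports/",
    "https://evil.example/login",
    "//evil.example/login",
    "/\\evil.example",
    "javascript:alert(1)",
    "http:///evil.example",
]

if __name__ == "__main__":
    for v in OBSERVED:
        print(f"{v!r:34} -> {post_login_target(v, ALLOWED_HOSTS)}")
    print(triage_relay_states(OBSERVED, ALLOWED_HOSTS))
```

In a real Django project, prefer the framework's own url_has_allowed_host_and_scheme with request.get_host() as the allowed host rather than this reimplementation; the point of the block is to show which shapes of RelayState must be rejected.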