CVE-2026-27982
📋 TL;DR
An open redirect vulnerability in django-allauth allows attackers to redirect users to malicious external websites via crafted URLs when SAML IdP initiated SSO is enabled. This affects django-allauth installations with SAML IdP SSO enabled (disabled by default). Users could be tricked into visiting phishing sites or downloading malware.
💻 Affected Systems
- django-allauth
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Users redirected to convincing phishing sites that steal credentials or deliver malware, leading to account compromise or system infection.
Likely Case
Users redirected to spam or low-quality external sites, causing user experience issues and potential reputation damage.
If Mitigated
Minimal impact if SAML IdP SSO is disabled or proper URL validation is implemented.
🎯 Exploit Status
Exploitation requires crafting a malicious URL with a redirect parameter. No authentication is needed to trigger the redirect.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 65.14.1
Vendor Advisory: https://allauth.org/news/2026/02/django-allauth-65.14.1-released/
Restart Required: Yes
Instructions:
1. Update django-allauth: pip install django-allauth==65.14.1
2. Restart Django application server
3. Verify SAML IdP SSO functionality still works as expected
🔧 Temporary Workarounds
Disable SAML IdP Initiated SSO
Disable the vulnerable feature if not required
Set 'SAML_IDP_INITIATED_SSO = False' in Django settings
🧯 If You Can't Patch
- Implement WAF rules to block redirects to external domains from SAML endpoints
- Monitor logs for suspicious redirect patterns and implement user education about phishing risks
🔍 How to Verify
Check if Vulnerable:
Check if django-allauth version <65.14.1 AND SAML_IDP_INITIATED_SSO = True in settings
Check Version:
pip show django-allauth | grep Version
Verify Fix Applied:
Verify django-allauth version is 65.14.1 or higher
📡 Detection & Monitoring
Log Indicators:
- Unusual redirect patterns in Django logs, especially from SAML endpoints to external domains
Network Indicators:
- HTTP 302 redirects from SAML endpoints to unexpected external domains
SIEM Query:
web_logs WHERE url_path CONTAINS '/saml/' AND status_code=302 AND redirect_domain NOT IN (allowed_domains)
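The SIEM query above, worked through as an added example over constructed log lines (this is not code from the advisory or from django-allauth); the "<path> <status> <Location>" log layout, the /saml/ paths and the allowlist hostnames are assumptions:

```python
"""Flag HTTP 302 redirects from SAML endpoints to hosts outside an allowlist."""
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

# Assumption: the hostnames a SAML flow in this deployment may legitimately
# redirect to. Replace with your own application hosts.
ALLOWED_DOMAINS = {"app.example.com", "sso.example.com"}

# Constructed sample access-log lines in an assumed "<path> <status> <Location>"
# layout ("-" when no Location header was sent).
SAMPLE_LOG = """\
/accounts/saml/corp/acs/ 302 https://app.example.com/dashboard/
/accounts/saml/corp/acs/ 302 https://evil.example.net/login
/accounts/saml/corp/sls/ 302 //evil.example.net/phish
/accounts/saml/corp/acs/ 302 https://app.example.com@evil.example.net/
/accounts/login/ 302 https://evil.example.net/
/accounts/saml/corp/acs/ 200 -
/accounts/saml/corp/acs/ 302 /accounts/profile/
"""

def redirect_host(location: str) -> Optional[str]:
    """Host a Location value resolves to, or None for a same-site relative path.

    urlsplit catches two shapes a naive startswith('http') check misses:
    scheme-relative '//evil.example.net/x' (still leaves the site) and
    userinfo forms like 'https://app.example.com@evil.example.net/'.
    """
    return urlsplit(location).hostname  # already lower-cased; None if no host

def find_external_saml_redirects(log_text: str,
                                 allowed=ALLOWED_DOMAINS) -> List[Tuple[str, str]]:
    """Return (path, location) for 302s from /saml/ paths to non-allowlisted hosts."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split(maxsplit=2)
        if len(fields) != 3:
            continue  # malformed or truncated line
        path, status, location = fields
        if "/saml/" not in path or status != "302":
            continue
        host = redirect_host(location)
        if host is not None and host not in allowed:
            hits.append((path, location))
    return hits

if __name__ == "__main__":
    for path, location in find_external_saml_redirects(SAMPLE_LOG):
        print(f"suspicious redirect: {path} -> {location}")
```

Relative paths and redirects to allowlisted hosts are ignored, so only the three external targets in the sample are reported.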