CVE-2026-27982 in django-allauth
Summary
by MITRE • 03/05/2026
An open redirect vulnerability exists in django-allauth versions prior to 65.14.1 when SAML IdP initiated SSO is enabled (it is disabled by default), which may allow an attacker to redirect users to an arbitrary external website via a crafted URL.
Analysis
by VulDB Data Team • 03/11/2026
The vulnerability identified as CVE-2026-27982 is a critical open redirect flaw in the django-allauth authentication library, affecting versions prior to 65.14.1. It is reachable only when SAML Identity Provider (IdP) initiated Single Sign-On (SSO) is enabled, a feature that is disabled by default in the library's configuration. The flaw stems from inadequate validation of redirect URLs during the authentication flow, which lets an attacker steer user navigation through a crafted URL and so enables phishing and other malicious activity.
Technically, the vulnerability lies in the SAML SSO handling code path, where the application fails to properly sanitize or validate the target URL parameter to which users are redirected after successful authentication. When SAML IdP initiated SSO is active, the system processes redirect requests that may carry unvalidated external URLs, so an attacker can craft a link that appears legitimate but ultimately sends the user to an attacker-controlled domain. This is the classic open redirect pattern: the application accepts a redirect target without verifying it, allowing the trust relationship between the application and its users to be exploited.
The operational impact of this vulnerability extends beyond simple redirection attacks, as it creates opportunities for sophisticated social engineering campaigns that could compromise user credentials or sensitive data. Attackers could leverage this vulnerability to create convincing phishing pages that mimic legitimate service interfaces, potentially capturing user authentication tokens or personal information. The security implications are particularly concerning in enterprise environments where SAML SSO is commonly deployed, as successful exploitation could allow attackers to bypass traditional security controls and gain unauthorized access to protected resources.
Mitigation for CVE-2026-27982 should prioritize an immediate upgrade to django-allauth version 65.14.1 or later, which adds proper validation and sanitization of redirect URLs. Organizations should also apply additional defensive measures: enforce strict redirect URL validation policies, monitor authentication logs for unusual redirect patterns, and keep SAML IdP initiated SSO disabled unless it is explicitly required for business operations. The vulnerability aligns with CWE-601 Open Redirect and maps to ATT&CK technique T1566.002 Phishing via Service Provider, since it lets attackers build convincing phishing lures on top of manipulated redirects that exploit user trust in legitimate authentication flows. Security teams should audit their SAML configurations and ensure that every authentication system validates redirect targets, so that similar flaws in related components cannot be exploited.
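As an added illustration of the "strict redirect URL validation" the analysis calls for (example code written for this page, not django-allauth's own fix), the following validator is modelled on the rules of Django's `django.utils.http.url_has_allowed_host_and_scheme()` but implemented with only the standard library so it runs stand-alone. The allowlist, the `post_login_target` helper and the idea that the post-login target arrives alongside the SAML assertion are assumptions for the example; in a real Django deployment the library function above should be used directly.

```python
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample allowlist for this deployment; a real setup would take it
# from settings. The service provider itself is assumed to be app.example.com.
ALLOWED_REDIRECT_HOSTS = {"app.example.com"}
DEFAULT_AFTER_LOGIN = "/dashboard/"


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_REDIRECT_HOSTS,
                     require_https: bool = True) -> bool:
    """True only if `target` stays on this site or an allowlisted host."""
    if not target:
        return False
    # Browsers treat "\" as "/", so "/\evil.example" is really "//evil.example".
    target = target.replace("\\", "/")
    # Whitespace or control characters can hide a scheme from a parser while a
    # browser still honours it, so refuse the value outright.
    if any(c.isspace() or ord(c) < 32 for c in target):
        return False
    # "///evil.example" parses as a path here but as a host in browsers.
    if target.startswith("///"):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    if parts.scheme and parts.scheme not in ("http", "https"):
        return False  # javascript:, data:, ...
    if parts.scheme and not parts.netloc:
        return False  # "http:evil.example" has no real host
    if not parts.netloc:
        return True   # plain relative path such as "/dashboard/?x=1"
    if require_https and parts.scheme != "https":
        return False  # scheme-relative "//host" or plain http
    # Exact netloc match: userinfo tricks ("app.example.com@evil.example")
    # and unexpected ports do not match the allowlist.
    return parts.netloc.lower() in allowed_hosts


def post_login_target(requested: Optional[str]) -> str:
    """Hypothetical helper: choose where to send the user after the SAML
    assertion is accepted. An unsafe requested target is not honoured; the
    user lands on a fixed local page instead."""
    if requested and is_safe_redirect(requested):
        return requested
    return DEFAULT_AFTER_LOGIN
```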