{"vulnerability": "CVE-2021-22881", "sightings": [{"uuid": "bf88d934-4c98-4f11-9647-77b2b14efffb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22881", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-22881.yaml", "content": "", "creation_timestamp": "2026-01-21T08:13:17.000000Z"}, {"uuid": "dcb39233-653c-43c5-a521-6cc20ca04648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22881", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcxkzuilzy2k", "content": "", "creation_timestamp": "2026-01-21T21:03:00.244708Z"}, {"uuid": "d9a38b0f-c81e-42b6-85b9-df2f6bd5ca3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22881", "type": "seen", "source": "https://t.me/cibsecurity/23449", "content": "\u203c CVE-2021-22881 \u203c\n\nThe Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain \"allowed host\" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. Impacted applications will have allowed hosts with a leading dot. When an allowed host contains a leading dot, a specially crafted `Host` header can be used to redirect to a malicious website.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-11T20:42:39.000000Z"}]}