mechanize is vulnerable to information disclosure. Remote unauthenticated attackers are able to gain access to the authorization header
by redirecting a victim to a different port on the same site.
github.com/sparklemotion/mechanize/commit/c7fe6996a5b95f9880653ba3bc548a8d4ef72317
github.com/sparklemotion/mechanize/pull/600
github.com/sparklemotion/mechanize/security/advisories/GHSA-64qm-hrgp-pgr9
lists.fedoraproject.org/archives/list/[email protected]/message/7OKZMR5O3T5HQ2V737TC7IU4WZRT2LGX/
lists.fedoraproject.org/archives/list/[email protected]/message/OA2FJROTX2U6EBWDPKRQ2VAM67A5TQXF/