diff --git a/CVE-2024-41810.patch b/CVE-2024-41810.patch
new file mode 100644
index 0000000000000000000000000000000000000000..9fc130ddd38dc32cf92fae7b7ef54df87d71e3ee
--- /dev/null
+++ b/CVE-2024-41810.patch
@@ -0,0 +1,102 @@
+From a22866244736345239909eaca7be2eb8da791997 Mon Sep 17 00:00:00 2001
+From: Viktor Chuchurski
+Date: Thu, 25 Jul 2024 19:34:35 +0200
+Subject: [PATCH 1/6] - added output encoding in redirect HTML
+
+---
+ src/twisted/web/_template_util.py | 2 +-
+ src/twisted/web/newsfragments/12263.bugfix | 1 +
+ src/twisted/web/newsfragments/9839.bugfix | 1 +
+ src/twisted/web/test/test_util.py | 39 +++++++++++++++++++++-
+ 4 files changed, 41 insertions(+), 2 deletions(-)
+ create mode 100644 src/twisted/web/newsfragments/12263.bugfix
+ create mode 100644 src/twisted/web/newsfragments/9839.bugfix
+
+diff --git a/src/twisted/web/_template_util.py b/src/twisted/web/_template_util.py
+index 38ebbed..c6f7e9d 100644
+--- a/src/twisted/web/_template_util.py
++++ b/src/twisted/web/_template_util.py
+@@ -92,7 +92,7 @@ def redirectTo(URL: bytes, request: IRequest) -> bytes:
+ 
+ 
+ """ % {
+- b"url": URL
++ b"url": escape(URL.decode("utf-8")).encode("utf-8")
+ }
+ return content
+ 
+diff --git a/src/twisted/web/newsfragments/12263.bugfix b/src/twisted/web/newsfragments/12263.bugfix
+new file mode 100644
+index 0000000..b3982ca
+--- /dev/null
++++ b/src/twisted/web/newsfragments/12263.bugfix
+@@ -0,0 +1 @@
++twisted.web.util.redirectTo now HTML-escapes the provided URL in the fallback response body it returns (GHSA-cf56-g6w6-pqq2). The issue is being tracked with CVE-2024-41810.
+\ No newline at end of file
+diff --git a/src/twisted/web/newsfragments/9839.bugfix b/src/twisted/web/newsfragments/9839.bugfix
+new file mode 100644
+index 0000000..1e2e7f7
+--- /dev/null
++++ b/src/twisted/web/newsfragments/9839.bugfix
+@@ -0,0 +1 @@
++twisted.web.util.redirectTo now HTML-escapes the provided URL in the fallback response body it returns (GHSA-cf56-g6w6-pqq2, CVE-2024-41810).
+diff --git a/src/twisted/web/test/test_util.py b/src/twisted/web/test/test_util.py
+index 996b0d0..87282ce 100644
+--- a/src/twisted/web/test/test_util.py
++++ b/src/twisted/web/test/test_util.py
+@@ -5,7 +5,6 @@
+ Tests for L{twisted.web.util}.
+ """
+ 
+-
+ import gc
+ 
+ from twisted.internet import defer
+@@ -64,6 +63,44 @@ class RedirectToTests(TestCase):
+ targetURL = "http://target.example.com/4321"
+ self.assertRaises(TypeError, redirectTo, targetURL, request)
+ 
++ def test_legitimateRedirect(self):
++ """
++ Legitimate URLs are fully interpolated in the `redirectTo` response body without transformation
++ """
++ request = DummyRequest([b""])
++ html = redirectTo(b"https://twisted.org/", request)
++ expected = b"""
++
++
++
++
++
++ click here
++
++
++"""
++ self.assertEqual(html, expected)
++
++ def test_maliciousRedirect(self):
++ """
++ Malicious URLs are HTML-escaped before interpolating them in the `redirectTo` response body
++ """
++ request = DummyRequest([b""])
++ html = redirectTo(
++ b'https://twisted.org/">', request
++ )
++ expected = b"""
++
++
++
++
++
++ click here
++
++
++"""
++ self.assertEqual(html, expected)
++
+ 
+ class ParentRedirectTests(SynchronousTestCase):
+ """
+--
+2.41.0
+
diff --git a/python-twisted.spec b/python-twisted.spec
index 0ac8fe4431619352e6f65fd3b7dfb20de213b266..f5858e19be23455a3a45786d47fdd3288d9c0d4f 100644
--- a/python-twisted.spec
+++ b/python-twisted.spec
@@ -1,13 +1,14 @@
 %define debug_package %{nil}
 Name: python-twisted
 Version: 22.10.0
-Release: 3
+Release: 4
 Summary: An event-driven networking engine written in Python
 License: MIT
 URL: http://twistedmatrix.com/
 Source0: https://github.com/twisted/twisted/archive/twisted-%{version}/twisted-%{version}.tar.gz
 # https://github.com/twisted/twisted/commit/1e6e9d23cac59689760558dcb6634285e694b04c
 Patch0: CVE-2023-46137.patch
+Patch1: CVE-2024-41810.patch
 %description
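Review bot: The new `b"url": escape(URL.decode("utf-8")).encode("utf-8")` line in the `_template_util.py` hunk relies on a name `escape` that this patch does not import, and the hunk addresses `src/twisted/web/_template_util.py` at index `38ebbed..c6f7e9d`, which looks like a newer upstream tree than the 22.10.0 sources this spec builds; confirm that the path exists in the 22.10.0 tarball and that `html.escape` (or an equivalent) is already in scope there, otherwise the patch will either fail to apply in %prep or raise `NameError` on the first redirect. The escaping itself is the right mitigation: with `escape()`'s default `quote=True`, `"` and `'` become entities, so a caller-supplied target can no longer terminate the attribute or tag the URL is interpolated into. One behaviour change is worth documenting: `URL.decode("utf-8")` is strict, so a target that is not valid UTF-8 now raises `UnicodeDecodeError` instead of being interpolated raw, and a comment such as `# URL must be valid UTF-8; invalid bytes raise rather than reaching the HTML unescaped` on that line would make this intentional. The enclosing `redirectTo` starts before the hunk, so whatever it does with the URL outside the HTML body is not visible here.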
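Review bot: `Patch1: CVE-2024-41810.patch` is added without the provenance comment that `Patch0:` carries, so a reader cannot tell which upstream commit it was cut from; add `# https://github.com/twisted/twisted/commit/a22866244736345239909eaca7be2eb8da791997` above it, using the id from the patch file's own From line. That patch is labelled `[PATCH 1/6]` and appears to have been generated against a newer upstream tree than 22.10.0 (its hunks target `src/twisted/web/_template_util.py`), so verify in %prep that it applies to the 22.10.0 tarball and check whether the remaining commits of that upstream series carry any part of the fix this backport leaves out.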
@@ -110,6 +111,9 @@ PATH=%{buildroot}%{_bindir}:$PATH PYTHONPATH=%{buildroot}%{python3_sitelib} %{bu
 %{_mandir}/man1/{cftp.1*,ckeygen.1*,conch.1*,mailmail.1*,pyhtmlizer.1*,tkconch.1*,trial.1*,twistd.1*}
 %changelog
+* Tue Jul 30 2024 yinyongkang - 22.10.0-4
+- Fix CVE-2024-41810
+
 * Fri Dec 29 2023 yaoxin - 22.10.0-3
 - Fix CVE-2023-46137