VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Abstraction: Base, Status: Draft, Likelihood of exploit: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 15 of 42
  • CVE-2016-10315 (Medium), Apr 3, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to conduct Open Redirect attacks via the submit-url parameter to certain /goform/* pages.

  • CVE-2016-7137 (Medium), Mar 7, 2017
    risk 0.40, CVSS 6.1, EPSS 0.02

    Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1)…

  • CVE-2017-5615 (Medium), Mar 3, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.

  • CVE-2017-5614 (Medium), Mar 3, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter.

  • CVE-2017-5571 (Medium), Mar 3, 2017
    risk 0.40, CVSS 6.1, EPSS 0.02

    Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and earlier, as used in Citrix License Server for Windows and the Citrix License Server VPX, allows remote attackers to redirect users to arbitrary web sites and…

  • CVE-2017-3840 (Medium), Feb 22, 2017
    risk 0.40, CVSS 6.1, EPSS 0.02

    A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect Vulnerability. More Information: CSCvc04849. Known Affected Releases: 5.8(2.5).

  • CVE-2016-8376 (Medium), Feb 13, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. This non-validated redirect/non-validated forward (OPEN REDIRECT) allows chaining with authenticated vulnerabilities.

  • CVE-2016-8961 (Medium), Feb 1, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a…

  • CVE-2016-6020 (Medium), Feb 1, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to…

  • CVE-2016-6908 (Medium), Jan 26, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    Characters from languages such as Arabic and Hebrew are displayed in RTL (Right To Left) order in Opera 37.0.2192.105088 for Android, due to mishandling of several Unicode characters such as U+FE70, U+0622, U+0623 etc. and how they are rendered combined with (first strong…

  • CVE-2017-5474 (Medium), Jan 14, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.

  • CVE-2016-5715 (Medium), Jan 12, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    Open redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a // (slash slash) followed by a domain in the redirect parameter. NOTE: this…

  • CVE-2015-6501 (Medium), Jan 12, 2017
    risk 0.40, CVSS 6.1, EPSS 0.01

    Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter.

  • CVE-2008-2951 (Medium), Jul 27, 2008
    risk 0.40, CVSS 6.1, EPSS 0.02

    Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.

  • CVE-2008-2052 (Medium), May 2, 2008
    risk 0.40, CVSS 6.1, EPSS 0.02

    Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter.

  • CVE-2026-45037 (High), May 15, 2026
    risk 0.39, CVSS 7.1, EPSS 0.00

    Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating system's protocol handler without validating the protocol scheme. This allows a malicious SSH or Telnet server to…

  • CVE-2026-44503 (High), May 14, 2026
    risk 0.39, CVSS (not listed), EPSS 0.01

    The RedirectHandler middleware in microsoft/kiota-java (com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0) and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme. Only the Authorization header is removed;…

  • CVE-2025-6242 (High), Oct 7, 2025
    risk 0.39, CVSS 7.1, EPSS 0.00

    A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target…

  • CVE-2023-6717 (Medium), Apr 25, 2024
    risk 0.39, CVSS 6.0, EPSS 0.01

    A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one…

  • CVE-2022-45402 (Medium), Nov 15, 2022
    risk 0.39, CVSS 6.1, EPSS 0.82

    In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint.