VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Base | Draft | Likelihood: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 17 of 42
  • CVE-2025-44109 | Med | Jul 23, 2025
    risk 0.35 | cvss 5.4 | epss 0.00

    A URL redirection in Pinokio v3.6.23 allows attackers to redirect victim users to attacker-controlled pages.

  • CVE-2025-50477 | Med | Jul 23, 2025
    risk 0.35 | cvss 5.4 | epss 0.00

    A URL redirection in lbry-desktop v0.53.9 allows attackers to redirect victim users to attacker-controlled pages.

  • CVE-2025-5256 | Med | May 28, 2025
    risk 0.35 | cvss 5.4 | epss 0.00

    Summary: This advisory addresses an Open Redirection vulnerability in Mautic's user unlocking endpoint. This vulnerability could be exploited by an attacker to redirect legitimate users to malicious websites, potentially leading to phishing attacks or the delivery of exploit kits.…

  • CVE-2025-27426 | Med | Mar 4, 2025
    risk 0.35 | cvss 5.4 | epss 0.00

    Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox for iOS 136.

  • CVE-2025-0244 | Med | Jan 7, 2025
    risk 0.35 | cvss 5.3 | epss 0.07

    When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability was fixed in Firefox 134.

  • CVE-2024-4445 | Med | May 14, 2024
    risk 0.35 | cvss 6.5 | epss 0.00

    The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the several functions in versions up to, and including, 6.20.01. This makes it possible for authenticated attackers, with…

  • CVE-2024-25657 | Med | Mar 18, 2024
    risk 0.35 | cvss 5.4 | epss 0.00

    An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authenticated users to malicious websites.

  • CVE-2024-21641 | Med | Jan 5, 2024
    risk 0.35 | cvss 6.5 | epss 0.01

    Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum `/logout` route includes a redirect parameter that allows any third party to redirect users from a (trusted) domain of the Flarum installation to redirect to any link. For logged-in users, the…

  • CVE-2022-43721 | Med | Jan 16, 2023
    risk 0.35 | cvss 5.4 | epss 0.01

    An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

  • CVE-2021-23385 | Med | Aug 2, 2022
    risk 0.35 | cvss 5.4 | epss 0.01

    This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This…

  • CVE-2022-23607 | Med | Feb 1, 2022
    risk 0.35 | cvss 6.5 | epss 0.01

    treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `treq.post`, etc.) and `treq.client.HTTPClient` constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore…

  • CVE-2021-43812 | Med | Dec 16, 2021
    risk 0.35 | cvss 6.4 | epss 0.01

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before 1.6.2 do not filter out certain returnTo parameter values from the login url, which expose the application to an open redirect vulnerability. Users are advised to…

  • CVE-2021-32806 | Med | Aug 2, 2021
    risk 0.35 | cvss 6.5 | epss 0.01

    Products.isurlinportal is a replacement for isURLInPortal method in Plone. Versions of Products.isurlinportal prior to 1.2.0 have an Open Redirect vulnerability. Various parts of Plone use the 'is url in portal' check for security, mostly to see if it is safe to redirect to a…

  • CVE-2021-23401 | Med | Jul 5, 2021
    risk 0.35 | cvss 5.4 | epss 0.01

    This affects all versions of package Flask-User. When using the make_safe_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as /////evil.com/path or \\\evil.com/path. This vulnerability is only…

  • CVE-2018-15403 | Med | Oct 5, 2018
    risk 0.35 | cvss 5.4 | epss 0.01

    A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web…

  • CVE-2018-14574 | Med | Aug 3, 2018
    risk 0.35 | cvss 6.1 | epss 0.25

    django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.

  • CVE-2017-14802 | Med | Mar 2, 2018
    risk 0.35 | cvss 5.4 | epss 0.01

    Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third party sites.

  • CVE-2016-0329 | Med | Feb 2, 2018
    risk 0.35 | cvss 5.4 | epss 0.01

    Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before 10.1.0.0_iFix3 allows remote attackers to redirect users to arbitrary web…

  • CVE-2017-1449 | Med | Aug 31, 2017
    risk 0.35 | cvss 5.4 | epss 0.01

    IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a…

  • CVE-2017-1448 | Med | Aug 9, 2017
    risk 0.35 | cvss 5.4 | epss 0.01

    IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the…