CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Description
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-178
CVEs mapped to this weakness (835)
page 18 of 42| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8949 | Med | 0.35 | 5.4 | 0.01 | Aug 9, 2017 | IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the… | ||
| CVE-2017-11725 | Med | 0.35 | 5.4 | 0.01 | Jul 29, 2017 | The share function in Thycotic Secret Server before 10.2.000019 mishandles the Back Button, leading to unintended redirections. | ||
| CVE-2017-1287 | Med | 0.35 | 5.4 | 0.01 | Jul 24, 2017 | IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to… | ||
| CVE-2016-8953 | Med | 0.35 | 5.4 | 0.01 | Jul 12, 2017 | IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to… | ||
| CVE-2017-1159 | Med | 0.35 | 5.4 | 0.01 | May 22, 2017 | IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to… | ||
| CVE-2016-0228 | Med | 0.35 | 5.4 | 0.01 | Apr 17, 2017 | IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236. | ||
| CVE-2017-3810 | Med | 0.35 | 5.4 | 0.01 | Feb 3, 2017 | A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula. | ||
| CVE-2017-3799 | Med | 0.35 | 5.4 | 0.01 | Jan 26, 2017 | A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. More Information: CSCzu78401. Known Affected Releases: T28.1. | ||
| CVE-2016-6636 | Med | 0.35 | 5.3 | 0.01 | Sep 30, 2016 | The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.1; and Ops… | ||
| CVE-2016-4604 | Med | 0.35 | 5.4 | 0.01 | Jul 22, 2016 | Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number. | ||
| CVE-2026-3318 | Med | 0.34 | — | 0.00 | May 8, 2026 | Open redirection vulnerability in the latest demo version of the Cradle eCommerce platform. The vulnerability occurs in the login form endpoint, where the ‘returnUrl’ parameter allows redirection because the web application accepts a URL as a parameter without properly… | ||
| CVE-2024-4882 | Med | 0.34 | — | 0.00 | Jul 8, 2024 | The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions. | ||
| CVE-2017-20164 | — | Med | 0.34 | 6.3 | 0.01 | Jan 7, 2023 | A vulnerability was found in Symbiote Seed up to 6.0.2. It has been classified as critical. Affected is the function onBeforeSecurityLogin of the file code/extensions/SecurityLoginExtension.php of the component Login. The manipulation of the argument URL leads to open redirect.… | |
| CVE-2021-4260 | — | Med | 0.34 | 6.3 | 0.00 | Dec 19, 2022 | A vulnerability was found in oils-js. It has been declared as critical. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect. The attack can be initiated remotely. The name of the patch is fad8fbae824a7d367dacb90d56cb02c5cb999d4… | |
| CVE-2021-21392 | Med | 0.34 | 6.3 | 0.01 | Apr 12, 2021 | Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when… | ||
| CVE-2021-21337 | — | Med | 0.34 | 5.7 | 0.08 | Mar 8, 2021 | Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the… | |
| CVE-2020-11529 | — | Med | 0.34 | 6.1 | 0.11 | Apr 4, 2020 | Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x. | |
| CVE-2018-8813 | Med | 0.34 | 4.8 | 0.03 | Apr 4, 2018 | Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL. | ||
| CVE-2026-10861 | Med | 0.33 | 6.1 | 0.00 | Jun 4, 2026 | An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-login redirect destination without sufficiently enforcing that it was a local application path. An… | ||
| CVE-2026-10856 | Med | 0.33 | 6.1 | 0.00 | Jun 4, 2026 | A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation rejected URLs containing an explicit scheme, host, or user component, but did… |
- risk 0.35cvss 5.4epss 0.01
IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the…
- risk 0.35cvss 5.4epss 0.01
The share function in Thycotic Secret Server before 10.2.000019 mishandles the Back Button, leading to unintended redirections.
- risk 0.35cvss 5.4epss 0.01
IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to…
- risk 0.35cvss 5.4epss 0.01
IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to…
- risk 0.35cvss 5.4epss 0.01
IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to…
- risk 0.35cvss 5.4epss 0.01
IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236.
- risk 0.35cvss 5.4epss 0.01
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula.
- risk 0.35cvss 5.4epss 0.01
A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. More Information: CSCzu78401. Known Affected Releases: T28.1.
- risk 0.35cvss 5.3epss 0.01
The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before 2.7.4.7, 3.x before 3.3.0.5, and 3.4.x before 3.4.4; UAA BOSH before 11.5 and 12.x before 12.5; Elastic Runtime before 1.6.40, 1.7.x before 1.7.21, and 1.8.x before 1.8.1; and Ops…
- risk 0.35cvss 5.4epss 0.01
Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.
- risk 0.34cvss —epss 0.00
Open redirection vulnerability in the latest demo version of the Cradle eCommerce platform. The vulnerability occurs in the login form endpoint, where the ‘returnUrl’ parameter allows redirection because the web application accepts a URL as a parameter without properly…
- risk 0.34cvss —epss 0.00
The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions.
- risk 0.34cvss 6.3epss 0.01
A vulnerability was found in Symbiote Seed up to 6.0.2. It has been classified as critical. Affected is the function onBeforeSecurityLogin of the file code/extensions/SecurityLoginExtension.php of the component Login. The manipulation of the argument URL leads to open redirect.…
- risk 0.34cvss 6.3epss 0.00
A vulnerability was found in oils-js. It has been declared as critical. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect. The attack can be initiated remotely. The name of the patch is fad8fbae824a7d367dacb90d56cb02c5cb999d4…
- risk 0.34cvss 6.3epss 0.01
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when…
- risk 0.34cvss 5.7epss 0.08
Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the…
- risk 0.34cvss 6.1epss 0.11
Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x.
- risk 0.34cvss 4.8epss 0.03
Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL.
- risk 0.33cvss 6.1epss 0.00
An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-login redirect destination without sufficiently enforcing that it was a local application path. An…
- risk 0.33cvss 6.1epss 0.00
A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation rejected URLs containing an explicit scheme, host, or user component, but did…