VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Abstraction: Base | Status: Draft | Likelihood of exploit: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
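The weakness is usually introduced by a redirect-target check that is too loose, and the entries in this listing show the recurring bypass shapes: a protocol-relative `//host` slipping past a `startswith("/")` test (CVE-2021-46898), percent-encoded slashes such as `/%2f%2fhost` (CVE-2025-10355), and leading-slash filters that can be evaded (CVE-2023-34247). The following is an added example written for this page, not code from VYPR or from any project listed here; it puts the naive check beside a hardened validator, and the hostnames `app.example` / `evil.example` and the inputs in the driver are constructed for illustration.

```python
"""Open-redirect target validation: the naive check next to a hardened one.

Added example written for this page; it is not code from the VYPR listing or
from any project named in it. The hostnames app.example / evil.example and the
test inputs are constructed for illustration.
"""
from __future__ import annotations

from urllib.parse import unquote, urlsplit


def naive_is_local(target: str) -> bool:
    """The kind of check CVE-2021-46898 describes: accept anything that starts
    with '/'. A protocol-relative '//evil.example' passes, and so does the
    encoded '/%2f%2fevil.example' of CVE-2025-10355 once the server decodes it."""
    return target.startswith("/")


def is_safe_redirect(target: str, allowed_hosts: frozenset[str]) -> bool:
    """Accept only a same-site path ('/x', never '//x') or an absolute http(s)
    URL whose hostname is in allowed_hosts. Everything else is refused."""
    if not target:
        return False
    candidate = target.strip()
    # Collapse %2f, %252f, ... to '/' before inspecting; stop once stable.
    for _ in range(3):
        decoded = unquote(candidate)
        if decoded == candidate:
            break
        candidate = decoded
    # Browsers treat '\' like '/' in the authority part, so normalise it.
    candidate = candidate.replace("\\", "/")
    # Tabs and newlines are silently dropped by browser URL parsers; refuse them.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in candidate):
        return False
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        # Absolute or protocol-relative: only http(s) to an allow-listed host.
        # urlsplit strips userinfo, so 'https://app.example@evil.example/'
        # yields hostname 'evil.example'.
        if parts.scheme not in ("http", "https"):
            return False
        return (parts.hostname or "").lower() in allowed_hosts
    # Relative reference: exactly one leading slash, never '//host' or '///host'.
    return candidate.startswith("/") and not candidate.startswith("//")


if __name__ == "__main__":
    allowed = frozenset({"app.example"})
    # Constructed inputs; the first two are the shapes named in this listing.
    for t in ["//evil.example", "/%2f%2fevil.example", "/\\evil.example",
              "https://app.example@evil.example/", "javascript:alert(1)",
              "/dashboard?tab=1", "https://app.example/dashboard"]:
        print(f"{t!r:40} naive={naive_is_local(t)!s:5} "
              f"hardened={is_safe_redirect(t, allowed)}")
```

The allow-list is matched on hostname only; if a deployment must pin the port as well, compare `parts.port` too. The host list should come from configuration, not from the request's Host header, which is exactly the trust inversion CVE-2026-34083 describes.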

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 20 of 42
  • CVE-2026-35396 | Medium | Apr 6, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and…

  • CVE-2026-33709 | Medium | Apr 3, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are…

  • CVE-2026-34083 | Medium | Apr 2, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0, SignalK Server contains a code-level vulnerability in its OIDC login and logout handlers where the unvalidated HTTP Host header is used to construct the OAuth2 redirect_uri.…

  • CVE-2026-32113 | Medium | Mar 31, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the enter action in StaticController reads the sso_destination_url cookie and redirects to it with…

  • CVE-2026-33885 | Medium | Mar 27, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, the external URL detection used for redirect validation on unauthenticated endpoints could be bypassed, allowing users to be redirected to external URLs after actions like…

  • CVE-2026-33397 | Medium | Mar 26, 2026
    risk 0.33 | cvss 6.1 | epss 0.00

    Angular SSR is a server-side rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in `@angular/ssr` due to an incomplete fix for…

  • CVE-2025-10355 | Medium | Oct 23, 2025
    risk 0.33 | cvss (not listed) | epss 0.00

    Open redirection vulnerability in MOLGENIS EMX2 v11.14.0. This vulnerability allows an attacker to create a malicious URL using a manipulated redirection parameter, potentially leading users to phishing sites or other malicious destinations via “/%2f%2f<MALICIOUS_DOMAIN>”.

  • CVE-2025-2068 | Medium | Apr 25, 2025
    risk 0.33 | cvss 5.0 | epss 0.00

    An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted URL is visited by a local user.

  • CVE-2024-43794 | Medium | Aug 23, 2024
    risk 0.33 | cvss 6.1 | epss 0.00

    OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters.…

  • CVE-2023-49438 | Medium | Dec 26, 2023
    risk 0.33 | cvss 6.1 | epss 0.01

    An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.

  • CVE-2023-46750 | Medium | Dec 14, 2023
    risk 0.33 | cvss 6.1 | epss 0.01

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.

  • CVE-2023-50771 | Medium | Dec 13, 2023
    risk 0.33 | cvss 6.1 | epss 0.01

    Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.

  • CVE-2019-25155 | Medium | Nov 7, 2023
    risk 0.33 | cvss 6.1 | epss 0.01

    DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel="noopener noreferrer"' attribute.

  • CVE-2021-46898 | Medium | Oct 22, 2023
    risk 0.33 | cvss 6.1 | epss 0.00

    views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith("/") but this does not consider a protocol-relative URL (e.g., //example.com) attack.

  • CVE-2018-25091 | Medium | Oct 15, 2023
    risk 0.33 | cvss 6.1 | epss 0.01

    urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in…

  • CVE-2023-41080 | Medium | Aug 25, 2023
    risk 0.33 | cvss 6.1 | epss 0.06

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the FORM authentication feature of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older,…

  • CVE-2023-35934 | Medium | Jul 6, 2023
    risk 0.33 | cvss 6.1 | epss 0.01

    yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent…

  • CVE-2023-34247 | Medium | Jun 13, 2023
    risk 0.33 | cvss 6.1 | epss 0.00

    Keystone is a content management system for Node.JS. There is an open redirect in the `@keystone-6/auth` package versions 7.0.0 and prior, where the redirect leading `/` filter can be bypassed. Users may be redirected to domains other than the relative host, thereby it might be…

  • CVE-2023-28370 | Medium | May 25, 2023
    risk 0.33 | cvss 6.1 | epss 0.01

    Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL.

  • CVE-2023-26494 | Medium | Apr 24, 2023
    risk 0.33 | cvss 6.1 | epss 0.00

    lorawan-stack is an open source LoRaWAN network server. Prior to version 3.24.1, an open redirect exists on the login page of the lorawan stack server, allowing an attacker to supply a user controlled redirect upon sign in. This issue may allow malicious actors to phish users,…
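Two entries on this page (CVE-2018-25091 for urllib3, CVE-2023-35934 for yt-dlp) are the client-side face of the weakness: a library following a redirect forwards the Authorization header or cookies to whatever host the Location header names. The following is an added example written for this page, not urllib3's or yt-dlp's code; it applies the rule stated in CVE-2018-25091 (a redirect is cross-origin when host, port or scheme differ) to a request's header set. The URLs and header values are constructed.

```python
"""Dropping credential-bearing headers on cross-origin redirects.

Added example for this page; it is not urllib3's or yt-dlp's code. It applies
the rule stated in CVE-2018-25091 (cross-origin = scheme, host or port differ)
to a request's header set. The URLs and header values below are constructed.
"""
from __future__ import annotations

from urllib.parse import urljoin, urlsplit

# Headers that carry credentials and must not follow a request to a new origin.
CREDENTIAL_HEADERS = frozenset({"authorization", "proxy-authorization", "cookie"})

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url: str) -> tuple[str, str, int | None]:
    """(scheme, host, port) with the default port filled in, so that
    http://h/ and http://h:80/ compare equal and host case is ignored."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return scheme, host, port


def is_cross_origin(request_url: str, location: str) -> bool:
    """Resolve the Location value against the request URL (it may be relative
    or protocol-relative) and compare the two origins."""
    return origin(request_url) != origin(urljoin(request_url, location))


def headers_for_redirect(headers: dict[str, str], request_url: str,
                         location: str) -> dict[str, str]:
    """Return the header set to send on the redirected request. Credential
    headers are removed whenever the redirect leaves the original origin;
    everything else (Accept, User-Agent, ...) is kept."""
    if not is_cross_origin(request_url, location):
        return dict(headers)
    return {k: v for k, v in headers.items() if k.lower() not in CREDENTIAL_HEADERS}


if __name__ == "__main__":
    # Constructed request: a bearer token and a session cookie on api.example.
    sent = {"Authorization": "Bearer t0k", "Cookie": "sid=1", "Accept": "*/*"}
    for loc in ["/v1/b", "http://api.example/v1/b", "//cdn.example/v1/b"]:
        print(f"Location: {loc:28} -> "
              f"{sorted(headers_for_redirect(sent, 'https://api.example/v1/a', loc))}")
```

Dropping the Cookie header on any origin change is deliberately stricter than cookie scoping rules (which allow a cookie to follow a redirect within its domain and path); the stricter rule is the one that closes the fragment-host case CVE-2023-35934 describes, where the download host differs from the host that set the cookies.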