CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Description
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-178
CVEs mapped to this weakness (835)
page 22 of 42

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-0869 | | Med | 0.33 | 6.1 | 0.03 | | Mar 6, 2022 | Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. |
| CVE-2022-0692 | — | Med | 0.33 | 6.1 | 0.03 | | Feb 21, 2022 | Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to 3.0.1. |
| CVE-2022-0597 | | Med | 0.33 | 6.1 | 0.03 | | Feb 15, 2022 | Open Redirect in Packagist microweber/microweber prior to 1.2.11. |
| CVE-2022-0560 | | Med | 0.33 | 6.1 | 0.01 | | Feb 11, 2022 | Open Redirect in Packagist microweber/microweber prior to 1.2.11. |
| CVE-2022-0235 | | Med | 0.33 | 6.1 | 0.02 | | Jan 16, 2022 | node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2021-44528 | — | Med | 0.33 | 6.1 | 0.04 | | Jan 10, 2022 | A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. |
| CVE-2022-0122 | — | Med | 0.33 | 6.1 | 0.01 | | Jan 6, 2022 | forge is vulnerable to URL Redirection to Untrusted Site |
| CVE-2021-4000 | — | Med | 0.33 | 6.1 | 0.01 | | Dec 3, 2021 | showdoc is vulnerable to URL Redirection to Untrusted Site |
| CVE-2021-3989 | — | Med | 0.33 | 6.1 | 0.01 | | Dec 1, 2021 | showdoc is vulnerable to URL Redirection to Untrusted Site |
| CVE-2021-3647 | — | Med | 0.33 | 6.1 | 0.01 | | Jul 16, 2021 | URI.js is vulnerable to URL Redirection to Untrusted Site |
| CVE-2021-21673 | | Med | 0.33 | 6.1 | 0.02 | | Jun 30, 2021 | Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks. |
| CVE-2021-32645 | | Med | 0.33 | 6.1 | 0.01 | | May 27, 2021 | Tenancy multi-tenant is an open source multi-domain controller for the Laravel web framework. In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for… |
| CVE-2020-35678 | — | Med | 0.33 | 6.1 | 0.01 | | Dec 27, 2020 | Autobahn\|Python before 20.12.3 allows redirect header injection. |
| CVE-2020-26275 | | Med | 0.33 | 6.1 | 0.01 | | Dec 21, 2020 | The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect… |
| CVE-2020-29565 | — | Med | 0.33 | 6.1 | 0.01 | | Dec 4, 2020 | An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic… |
| CVE-2020-15234 | | Med | 0.33 | 6.1 | 0.01 | | Oct 2, 2020 | ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite before version 0.34.1, the OAuth 2.0 Client's registered redirect URLs and the redirect URL provided at the OAuth2 Authorization Endpoint where compared using strings.ToLower while they should… |
| CVE-2020-15233 | | Med | 0.33 | 6.1 | 0.01 | | Oct 2, 2020 | ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite from version 0.30.2 and before version 0.34.1, there is an issue in which an an attacker can override the registered redirect URL by performing an OAuth flow and requesting a redirect URL that is… |
| CVE-2020-15129 | — | Med | 0.33 | 6.1 | 0.08 | | Jul 30, 2020 | In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard component doesn't validate that the value of the header "X-Forwarded-Prefix" is a… |
| CVE-2017-18897 | — | Med | 0.33 | 6.1 | 0.01 | | Jun 19, 2020 | An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5, when used as an OAuth 2.0 service provider. It mishandles a deny action for a redirection. |
| CVE-2020-10959 | — | Med | 0.33 | 6.1 | 0.01 | | Jun 2, 2020 | resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. |