VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Base · Draft · Likelihood: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 23 of 42
  • CVE-2020-12666 · Med · May 5, 2020
    risk 0.33 · cvss 6.1 · epss 0.01

    macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.

  • CVE-2020-12283 · Med · Apr 30, 2020
    risk 0.33 · cvss 6.1 · epss 0.01

    Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring.

  • CVE-2019-6035 · Med · Dec 26, 2019
    risk 0.33 · cvss 6.1 · epss 0.01

    Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.

  • CVE-2014-3652 · Med · Dec 15, 2019
    risk 0.33 · cvss 6.1 · epss 0.01

    JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.

  • CVE-2019-19703 · Med · Dec 10, 2019
    risk 0.33 · cvss 6.1 · epss 0.01

    In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location.

  • CVE-2019-10372 · Med · Aug 7, 2019
    risk 0.33 · cvss 6.1 · epss 0.01

    An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login.

  • CVE-2019-10856 · Med · Apr 4, 2019
    risk 0.33 · cvss 6.1 · epss 0.01

    In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.

  • CVE-2019-10255 · Med · Mar 28, 2019
    risk 0.33 · cvss 6.1 · epss 0.02

    An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url…

  • CVE-2018-19790 · Med · Dec 18, 2018
    risk 0.33 · cvss 6.1 · epss 0.01

    An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the…

  • CVE-2018-15178 · Med · Aug 8, 2018
    risk 0.33 · cvss 6.1 · epss 0.01

    Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.

  • CVE-2018-14474 · Med · Jul 20, 2018
    risk 0.33 · cvss 6.1 · epss 0.02

    views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup.

  • CVE-2018-14381 · Med · Jul 18, 2018
    risk 0.33 · cvss 6.1 · epss 0.01

    Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability.

  • CVE-2018-11041 · Med · Jun 25, 2018
    risk 0.33 · cvss 6.1 · epss 0.01

    Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page,…

  • CVE-2018-11408 · Med · Jun 13, 2018
    risk 0.33 · cvss 6.1 · epss 0.01

    The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue…

  • CVE-2018-3743 · Med · Jun 1, 2018
    risk 0.33 · cvss 6.1 · epss 0.01

    Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server.

  • CVE-2015-8094 · Med · May 22, 2018
    risk 0.33 · cvss 6.1 · epss 0.02

    Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter.

  • CVE-2018-10101 · Med · Apr 16, 2018
    risk 0.33 · cvss 6.1 · epss 0.03

    Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

  • CVE-2018-10100 · Med · Apr 16, 2018
    risk 0.33 · cvss 6.1 · epss 0.03

    Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

  • CVE-2017-1000481 · Med · Jan 3, 2018
    risk 0.33 · cvss 6.1 · epss 0.01

    When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on…

  • CVE-2015-6961 · Med · Oct 18, 2017
    risk 0.33 · cvss 6.1 · epss 0.01

    Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.