CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Description
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-178
CVEs mapped to this weakness (835)
page 24 of 42| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-3880 | Med | 0.33 | 6.1 | 0.02 | Sep 19, 2017 | Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||
| CVE-2017-1002150 | Med | 0.33 | 6.1 | 0.01 | Sep 14, 2017 | python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection | ||
| CVE-2015-2749 | Med | 0.33 | 6.1 | 0.01 | Sep 13, 2017 | Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter. | ||
| CVE-2017-1000070 | Med | 0.33 | 6.1 | 0.01 | Jul 17, 2017 | The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819 | ||
| CVE-2017-7234 | Med | 0.33 | 6.1 | 0.02 | Apr 4, 2017 | A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability. | ||
| CVE-2017-7233 | Med | 0.33 | 6.1 | 0.02 | Apr 4, 2017 | Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they… | ||
| CVE-2017-7266 | Med | 0.33 | 6.1 | 0.01 | Mar 26, 2017 | Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header. | ||
| CVE-2015-8760 | Med | 0.33 | 6.1 | 0.01 | Jan 8, 2016 | The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing." | ||
| CVE-2026-28301 | Med | 0.31 | 4.8 | 0.00 | Jun 9, 2026 | A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website. | ||
| CVE-2026-43924 | Med | 0.31 | — | 0.00 | Jun 3, 2026 | FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL scheme of administrator-configured destination URLs before storing or issuing redirects. This allows arbitrary external URLs to be… | ||
| CVE-2026-49059 | Med | 0.31 | 4.7 | 0.00 | May 27, 2026 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0. | ||
| CVE-2026-44833 | Med | 0.31 | 5.9 | 0.00 | May 26, 2026 | Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via unvalidated HTTP Referer header stored in session variable. This vulnerability is fixed in 8.4.1. | ||
| CVE-2026-2813 | Med | 0.31 | 4.7 | 0.00 | May 20, 2026 | ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended,… | ||
| CVE-2026-35253 | Med | 0.31 | 4.7 | 0.00 | May 6, 2026 | Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Macaron Tool. Successful… | ||
| CVE-2026-41226 | Med | 0.31 | 4.7 | 0.00 | Apr 30, 2026 | Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. | ||
| CVE-2026-20060 | Med | 0.31 | 4.7 | 0.00 | Apr 15, 2026 | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could… | ||
| CVE-2026-39484 | Med | 0.31 | 4.7 | 0.00 | Apr 8, 2026 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through < 7.0.00. | ||
| CVE-2026-28106 | Med | 0.31 | 4.7 | 0.00 | Mar 6, 2026 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20. | ||
| CVE-2026-25392 | — | Med | 0.31 | 4.7 | 0.00 | Feb 19, 2026 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KaizenCoders Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress update-urls allows Phishing.This issue affects Update URLs – Quick and Easy way to search old… | |
| CVE-2026-1277 | Med | 0.31 | 4.7 | 0.01 | Feb 18, 2026 | The URL Shortify plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.12.1 due to insufficient validation on the 'redirect_to' parameter in the promotional dismissal handler. This makes it possible for unauthenticated attackers to redirect… |
- risk 0.33cvss 6.1epss 0.02
Open redirect vulnerability in phpBB before 3.0.14 and 3.1.x before 3.1.4 allows remote attackers to redirect users of Google Chrome to arbitrary web sites and conduct phishing attacks via unspecified vectors.
- risk 0.33cvss 6.1epss 0.01
python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection
- risk 0.33cvss 6.1epss 0.01
Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
- risk 0.33cvss 6.1epss 0.01
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
- risk 0.33cvss 6.1epss 0.02
A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
- risk 0.33cvss 6.1epss 0.02
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they…
- risk 0.33cvss 6.1epss 0.01
Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.
- risk 0.33cvss 6.1epss 0.01
The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
- risk 0.31cvss 4.8epss 0.00
A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website.
- risk 0.31cvss —epss 0.00
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL scheme of administrator-configured destination URLs before storing or issuing redirects. This allows arbitrary external URLs to be…
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0.
- risk 0.31cvss 5.9epss 0.00
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via unvalidated HTTP Referer header stored in session variable. This vulnerability is fixed in 8.4.1.
- risk 0.31cvss 4.7epss 0.00
ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploit this issue by sending a specially crafted request, Successful exploitation may result in the application redirecting the browser to an unintended,…
- risk 0.31cvss 4.7epss 0.00
Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Macaron Tool. Successful…
- risk 0.31cvss 4.7epss 0.00
Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack.
- risk 0.31cvss 4.7epss 0.00
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could…
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through < 7.0.00.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KaizenCoders Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress update-urls allows Phishing.This issue affects Update URLs – Quick and Easy way to search old…
- risk 0.31cvss 4.7epss 0.01
The URL Shortify plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.12.1 due to insufficient validation on the 'redirect_to' parameter in the promotional dismissal handler. This makes it possible for unauthenticated attackers to redirect…