VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Abstraction: Base

Status: Draft

Likelihood of Exploit: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
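Added example, not code from this page or from any of the projects in the CVE list below: the vulnerable pattern the listed entries share (a handler that copies a client-supplied parameter such as next, redirect_url or redirectTo straight into the Location header) beside a validator that keeps the redirect on the application's own host, and an allow-list alternative that never accepts a URL from the client at all. The validator goes beyond the bare description above by rejecting the bypasses that defeat naive "starts with /" or "contains my host" checks. APP_HOST, SAFE_DESTINATIONS, the function names and the probe URLs are assumptions chosen for the example.

```python
"""CWE-601: an unsafe redirect handler beside two safe alternatives.

Added illustration for this page, not code from any project in the CVE list.
APP_HOST, SAFE_DESTINATIONS, the function names and the probe URLs are all
assumptions chosen for the example.
"""
from typing import Optional
from urllib.parse import urlsplit

# Host the application is served from (assumed).
APP_HOST = "app.example"

# Safe pattern 2: the request names a destination key, the server owns the URL.
SAFE_DESTINATIONS = {
    "home": "/",
    "dashboard": "/dashboard",
    "settings": "/account/settings",
}


def unsafe_redirect_target(next_param: str) -> str:
    """Vulnerable pattern: the client-supplied value becomes the Location header."""
    return next_param


def is_safe_redirect_target(target: str, allowed_host: str = APP_HOST) -> bool:
    """True only if ``target`` keeps the user on ``allowed_host``.

    Rejects protocol-relative "//evil", "///evil" (browsers collapse the
    slashes), backslashes (browsers turn them into slashes), control
    characters (header splitting; tab/newline stripping), userinfo tricks
    ("https://app.example@evil"), host suffix/prefix matches and non-HTTP
    schemes such as javascript:.
    """
    if not target:
        return False
    if "\\" in target or any(ord(c) < 0x20 or c == "\x7f" for c in target):
        return False
    parts = urlsplit(target)
    if parts.scheme == "" and parts.netloc == "":
        # Relative path: exactly one leading slash. Checked on the raw string,
        # because urlsplit("///evil") reports an empty netloc and path "/evil".
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme.lower() not in ("http", "https"):
        return False
    # .hostname drops userinfo and port and lower-cases the host; compare for
    # equality, never with startswith/endswith/in.
    return (parts.hostname or "") == allowed_host.lower()


def resolve_redirect(next_param: Optional[str], allowed_host: str = APP_HOST,
                     fallback: str = "/") -> str:
    """Safe pattern 1: validate the supplied URL, otherwise use a fixed page."""
    if next_param and is_safe_redirect_target(next_param, allowed_host):
        return next_param
    return fallback


def resolve_redirect_key(key: Optional[str], fallback: str = "/") -> str:
    """Safe pattern 2: look the destination up; unknown keys go to the fallback."""
    return SAFE_DESTINATIONS.get(key or "", fallback)


if __name__ == "__main__":
    # Constructed probe values an attacker might place in a next= parameter.
    probes = [
        "/dashboard",
        "https://app.example/settings",
        "//evil.example",
        "///evil.example",
        "/\\evil.example",
        "https://app.example@evil.example/",
        "https://app.example.evil.example/",
        "javascript:alert(1)",
        "/dash\r\nSet-Cookie: a=b",
    ]
    for p in probes:
        print(f"{p!r:40} unsafe -> {unsafe_redirect_target(p)!r:40} "
              f"safe -> {resolve_redirect(p)!r}")
    print("key 'settings' ->", resolve_redirect_key("settings"))
    print("key 'https://evil.example' ->", resolve_redirect_key("https://evil.example"))
```

Prefer the key-based form where the set of post-login destinations is small and known; fall back to the validating form only when the application genuinely needs to resume at an arbitrary internal path, and keep the host comparison exact rather than a substring test.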

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 32 of 42
  • CVE-2026-22560 (Medium, Apr 10, 2026)
    risk 0.27, cvss 5.3, epss 0.00

    An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.

  • CVE-2025-6197 (Medium, Jul 18, 2025)
    risk 0.27, cvss 4.2, epss 0.04

    An open redirect vulnerability has been identified in the Grafana OSS organization switching functionality. Prerequisites for exploitation: multiple organizations must exist in the Grafana instance, and the victim must be on a different organization than the one specified in the URL.

  • CVE-2024-32078 (Medium, Apr 24, 2024)
    risk 0.27, cvss 4.1, epss 0.00

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Foliovision FV Flowplayer Video Player. This issue affects FV Flowplayer Video Player: from n/a through 7.5.44.7212.

  • CVE-2023-51517 (Medium, Dec 29, 2023)
    risk 0.27, cvss 4.1, epss 0.00

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CodePeople Calculated Fields Form. This issue affects Calculated Fields Form: from n/a through 1.2.28.

  • CVE-2022-23538 (Medium, Jan 17, 2023)
    risk 0.27, cvss 5.2, epss 0.01

    github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services (SCS) Container Library Service. When the scs-library-client is used to pull a container image, with authentication, the HTTP Authorization header sent by the client to the library…

  • CVE-2026-42350 (Medium, May 8, 2026)
    risk 0.26, cvss n/a, epss 0.00

    Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redirect in UI OIDC login flow via the redirectTo query parameter. This issue has been patched in versions 1.7.10, 1.8.13, 1.9.8, and…

  • CVE-2025-64716 (Medium, Nov 13, 2025)
    risk 0.26, cvss n/a, epss 0.00

    Anubis is a Web AI Firewall Utility that challenges users' connections in order to protect upstream resources from scraper bots. Prior to version 1.23.0, when using subrequest authentication, Anubis did not perform validation of the redirect URL and redirects user to any URL…

  • CVE-2025-55751 (Medium, Aug 20, 2025)
    risk 0.26, cvss n/a, epss 0.00

    OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This…

  • CVE-2025-55166 (Medium, Aug 12, 2025)
    risk 0.26, cvss n/a, epss 0.00

    savg-sanitizer is a PHP SVG/XML sanitizer. Prior to version 0.22.0, the sanitization logic in the cleanXlinkHrefs method only searches for the lower-case attribute name, which allows the isHrefSafeValue check to be bypassed. As a result this allows cross-site scripting or linking to…

  • CVE-2025-54414 (Medium, Jul 26, 2025)
    risk 0.26, cvss n/a, epss 0.00

    Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute…

  • CVE-2024-53264 (Medium, Nov 27, 2024)
    risk 0.26, cvss n/a, epss 0.01

    bunkerweb is an open-source and next-generation Web Application Firewall (WAF). An open redirect vulnerability exists in the loading endpoint, allowing attackers to redirect authenticated users to arbitrary external URLs via the "next" parameter. The loading endpoint accepts and…

  • CVE-2026-2376 (Medium, Mar 12, 2026)
    risk 0.25, cvss 4.9, epss 0.00

    A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses. When the application processes these addresses, it automatically follows redirects without…

  • CVE-2026-41513 (Medium, May 12, 2026)
    risk 0.24, cvss n/a, epss 0.00

    Horilla is an HR and CRM software. In version 1.5.0, the notification endpoints trust the unvalidated next parameter and redirect users to arbitrary external URLs. This allows an attacker to turn trusted application links into phishing or social-engineering redirects.

  • CVE-2026-32932 (Medium, Apr 10, 2026)
    risk 0.24, cvss 4.7, epss 0.00

    Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course edit page allows an attacker to redirect an authenticated administrator to an arbitrary external URL after saving coach assignment changes. The…

  • CVE-2026-35404 (Medium, Apr 6, 2026)
    risk 0.24, cvss 4.7, epss 0.00

    Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() without any URL validation. When a non-existent survey name is provided, the…

  • CVE-2026-34847 (Medium, Apr 2, 2026)
    risk 0.24, cvss 4.7, epss 0.00

    hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, the /enter page contains a DOM-based open redirect vulnerability. The redirect query parameter is directly used to construct a URL and redirect the user without proper validation. This issue has…

  • CVE-2025-69725 (Medium, Feb 19, 2026)
    risk 0.24, cvss 4.7, epss 0.00

    An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain.

  • CVE-2026-25198 (Medium, Feb 5, 2026)
    risk 0.24, cvss 4.7, epss 0.00

    web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As a result, the user may become a victim…

  • CVE-2025-11167 (Medium, Oct 11, 2025)
    risk 0.24, cvss 4.7, epss 0.00

    The CM Registration – Tailored tool for seamless login and invitation-based registrations plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.5.6. This is due to insufficient validation on the redirect url supplied via the 'redirect_url'…

  • CVE-2025-58204 (Medium, Aug 27, 2025)
    risk 0.24, cvss 4.7, epss 0.00

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Eric Teubert Podlove Podcast Publisher (podlove-podcasting-plugin-for-wordpress) allows phishing. This issue affects Podlove Podcast Publisher: from n/a through <= 4.2.5.