CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Description
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-178
CVEs mapped to this weakness (835)
page 36 of 42

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-31151 | | | 0.00 | — | 0.01 | | Jul 20, 2022 | Authorization headers are cleared on cross-origin redirect. However, cookie headers, which are sensitive headers and are official headers found in the spec, remain uncleared. There are active users using cookie headers in undici. This may lead to accidental leakage of cookie to a… |
| CVE-2022-2252 | | | 0.00 | — | 0.01 | | Jun 29, 2022 | Open Redirect in GitHub repository microweber/microweber prior to 1.2.19. |
| CVE-2022-33146 | | | 0.00 | — | 0.01 | | Jun 27, 2022 | Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL. |
| CVE-2022-24969 | | — | 0.00 | — | 0.02 | | Jun 6, 2022 | bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of the parseURL method will lead to the bypass of the white host check, which can cause an open redirect or SSRF vulnerability. |
| CVE-2022-29718 | | — | 0.00 | — | 0.01 | | Jun 2, 2022 | Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users into clicking on crafted links. |
| CVE-2022-29214 | | | 0.00 | — | 0.01 | | May 20, 2022 | NextAuth.js (next-auth) is an open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implementing an OAuth 1 provider. Versions 3.29.3 and 4.3.3 contain a patch for this… |
| CVE-2022-24858 | | | 0.00 | — | 0.01 | | Apr 19, 2022 | next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks… |
| CVE-2022-27463 | | | 0.00 | — | 0.01 | | Apr 5, 2022 | Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6 allows attackers to arbitrarily redirect users from a crafted URL to the login page. |
| CVE-2022-1233 | | — | 0.00 | — | 0.01 | | Apr 4, 2022 | URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11. |
| CVE-2022-24794 | | | 0.00 | — | 0.01 | | Mar 31, 2022 | Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. Users of the `requiresAuth` middleware, either directly or through the default `authRequired` option, are vulnerable to an Open Redirect when the middleware is… |
| CVE-2022-24776 | | | 0.00 | — | 0.01 | | Mar 24, 2022 | Flask-AppBuilder is an application development framework, built on top of the Flask web framework. Flask-AppBuilder contains an open redirect vulnerability when using the database authentication login page on versions below 3.4.5. This issue is fixed in version 3.4.5. There are… |
| CVE-2022-1058 | | | 0.00 | — | 0.53 | | Mar 24, 2022 | Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5. |
| CVE-2022-24739 | | | 0.00 | — | 0.01 | | Mar 8, 2022 | alltube is an HTML front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack (depending on how AllTube is configured). The impact is mitigated by the fact… |
| CVE-2022-0697 | | — | 0.00 | — | 0.01 | | Mar 6, 2022 | Open Redirect in GitHub repository archivy/archivy prior to 1.7.0. |
| CVE-2022-0868 | | — | 0.00 | — | 0.01 | | Mar 6, 2022 | Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10. |
| CVE-2022-0869 | | | 0.00 | — | 0.03 | | Mar 6, 2022 | Multiple Open Redirects in GitHub repository nitely/spirit prior to 0.12.3. |
| CVE-2022-24719 | | | 0.00 | — | 0.01 | | Mar 1, 2022 | Fluture-Node is a set of FP-style HTTP and streaming utils for Node based on Fluture. Using `followRedirects` or `followRedirectsWith` with any of the redirection strategies built into fluture-node 4.0.0 or 4.0.1, paired with a request that includes confidential headers such as… |
| CVE-2021-23495 | | | 0.00 | — | 0.01 | | Feb 25, 2022 | The package karma before 6.3.16 is vulnerable to Open Redirect due to missing validation of the return_url query parameter. |
| CVE-2022-0692 | | — | 0.00 | — | 0.03 | | Feb 21, 2022 | Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to 3.0.1. |
| CVE-2022-25196 | | | 0.00 | — | 0.01 | | Feb 15, 2022 | Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after… |