CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Description
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-178
CVEs mapped to this weakness (835)
page 38 of 42

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-37699 | | | 0.00 | — | 0.01 | | Aug 11, 2021 | Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect… |
| CVE-2021-33331 | | — | 0.00 | — | 0.01 | | Aug 3, 2021 | Open redirect vulnerability in the Notifications module in Liferay Portal 7.0.0 through 7.3.1, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19 and 7.2 before fix pack 8, allows remote attackers to redirect users to arbitrary external URLs via the 'redirect'… |
| CVE-2021-32806 | | | 0.00 | — | 0.01 | | Aug 2, 2021 | Products.isurlinportal is a replacement for isURLInPortal method in Plone. Versions of Products.isurlinportal prior to 1.2.0 have an Open Redirect vulnerability. Various parts of Plone use the 'is url in portal' check for security, mostly to see if it is safe to redirect to a… |
| CVE-2021-3664 | | — | 0.00 | — | 0.02 | | Jul 26, 2021 | url-parse is vulnerable to URL Redirection to Untrusted Site |
| CVE-2021-3647 | | — | 0.00 | — | 0.01 | | Jul 16, 2021 | URI.js is vulnerable to URL Redirection to Untrusted Site |
| CVE-2021-23401 | | | 0.00 | — | 0.01 | | Jul 5, 2021 | This affects all versions of package Flask-User. When using the make_safe_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as /////evil.com/path or \\\evil.com/path. This vulnerability is only… |
| CVE-2021-21673 | | | 0.00 | — | 0.02 | | Jun 30, 2021 | Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks. |
| CVE-2021-32721 | | | 0.00 | — | 0.01 | | Jun 29, 2021 | PowerMux is a drop-in replacement for Go's http.ServeMux. In PowerMux versions prior to 1.1.1, attackers may be able to craft phishing links and other open redirects by exploiting the trailing slash redirection feature. This may lead to users being redirected to untrusted sites… |
| CVE-2021-22903 | | — | 0.00 | — | 0.01 | | Jun 11, 2021 | The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This… |
| CVE-2021-23393 | | — | 0.00 | — | 0.01 | | Jun 10, 2021 | This affects the package Flask-Unchained before 0.9.0. When using the _validate_redirect_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vulnerability is only… |
| CVE-2021-25640 | | — | 0.00 | — | 0.02 | | May 31, 2021 | In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability. |
| CVE-2021-32645 | | | 0.00 | — | 0.01 | | May 27, 2021 | Tenancy multi-tenant is an open source multi-domain controller for the Laravel web framework. In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for… |
| CVE-2021-23387 | | — | 0.00 | — | 0.01 | | May 24, 2021 | The package trailing-slash before 2.0.1 is vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web… |
| CVE-2021-32618 | | | 0.00 | — | 0.03 | | May 17, 2021 | The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects after many… |
| CVE-2021-23384 | | | 0.00 | — | 0.01 | | May 17, 2021 | The package koa-remove-trailing-slashes before 2.0.2 is vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in… |
| CVE-2020-13662 | | | 0.00 | — | 0.01 | | May 5, 2021 | Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions. |
| CVE-2021-28125 | | | 0.00 | — | 0.64 | | Apr 27, 2021 | Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince… |
| CVE-2021-29456 | | | 0.00 | — | 0.01 | | Apr 21, 2021 | Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able to redirect users from the… |
| CVE-2021-21392 | | | 0.00 | — | 0.01 | | Apr 12, 2021 | Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when… |
| CVE-2021-29652 | | — | 0.00 | — | 0.01 | | Apr 2, 2021 | Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user sign-in/out process |