VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Abstraction: Base | Status: Draft | Likelihood of exploit: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 38 of 42
  • CVE-2021-37699 (Aug 11, 2021)
    risk 0.00 | cvss | epss 0.01

    Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect…

  • CVE-2021-33331 (Aug 3, 2021)
    risk 0.00 | cvss | epss 0.01

    Open redirect vulnerability in the Notifications module in Liferay Portal 7.0.0 through 7.3.1, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19 and 7.2 before fix pack 8, allows remote attackers to redirect users to arbitrary external URLs via the 'redirect'…

  • CVE-2021-32806 (Aug 2, 2021)
    risk 0.00 | cvss | epss 0.01

    Products.isurlinportal is a replacement for isURLInPortal method in Plone. Versions of Products.isurlinportal prior to 1.2.0 have an Open Redirect vulnerability. Various parts of Plone use the 'is url in portal' check for security, mostly to see if it is safe to redirect to a…

  • CVE-2021-3664 (Jul 26, 2021)
    risk 0.00 | cvss | epss 0.02

    url-parse is vulnerable to URL Redirection to Untrusted Site

  • CVE-2021-3647 (Jul 16, 2021)
    risk 0.00 | cvss | epss 0.01

    URI.js is vulnerable to URL Redirection to Untrusted Site

  • CVE-2021-23401 (Jul 5, 2021)
    risk 0.00 | cvss | epss 0.01

    This affects all versions of package Flask-User. When using the make_safe_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple leading slashes or backslashes, such as /////evil.com/path or \\\evil.com/path. This vulnerability is only…

  • CVE-2021-21673 (Jun 30, 2021)
    risk 0.00 | cvss | epss 0.02

    Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.

  • CVE-2021-32721 (Jun 29, 2021)
    risk 0.00 | cvss | epss 0.01

    PowerMux is a drop-in replacement for Go's http.ServeMux. In PowerMux versions prior to 1.1.1, attackers may be able to craft phishing links and other open redirects by exploiting the trailing slash redirection feature. This may lead to users being redirected to untrusted sites…

  • CVE-2021-22903 (Jun 11, 2021)
    risk 0.00 | cvss | epss 0.01

    The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. This…

  • CVE-2021-23393 (Jun 10, 2021)
    risk 0.00 | cvss | epss 0.01

    This affects the package Flask-Unchained before 0.9.0. When using the _validate_redirect_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple backslashes such as \\\evil.com/path. This vulnerability is only…

  • CVE-2021-25640 (May 31, 2021)
    risk 0.00 | cvss | epss 0.02

    In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of the parseURL method leads to a bypass of the allowed-host check, which can cause an open redirect or SSRF vulnerability.

  • CVE-2021-32645 (May 27, 2021)
    risk 0.00 | cvss | epss 0.01

    Tenancy multi-tenant is an open source multi-domain controller for the Laravel web framework. In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for…

  • CVE-2021-23387 (May 24, 2021)
    risk 0.00 | cvss | epss 0.01

    The package trailing-slash before 2.0.1 is vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web…

  • CVE-2021-32618 (May 17, 2021)
    risk 0.00 | cvss | epss 0.03

    The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects after many…

  • CVE-2021-23384 (May 17, 2021)
    risk 0.00 | cvss | epss 0.01

    The package koa-remove-trailing-slashes before 2.0.2 is vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in…

  • CVE-2020-13662 (May 5, 2021)
    risk 0.00 | cvss | epss 0.01

    Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions.

  • CVE-2021-28125 (Apr 27, 2021)
    risk 0.00 | cvss | epss 0.64

    Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince…

  • CVE-2021-29456 (Apr 21, 2021)
    risk 0.00 | cvss | epss 0.01

    Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. In versions 4.27.4 and earlier, utilizing an HTTP query parameter an attacker is able to redirect users from the…

  • CVE-2021-21392 (Apr 12, 2021)
    risk 0.00 | cvss | epss 0.01

    Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, requests to user-provided domains were not restricted to external IP addresses when…

  • CVE-2021-29652 (Apr 2, 2021)
    risk 0.00 | cvss | epss 0.01

    Pomerium versions 0.10.0 through 0.13.3 have an open redirect in the user sign-in/out process.