VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Abstraction: Base | Status: Draft | Likelihood of Exploit: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 39 of 42
  • CVE-2021-29651 (Apr 2, 2021)
    risk 0.00, cvss n/a, epss 0.01

    Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2).

  • CVE-2021-21377 (Mar 23, 2021)
    risk 0.00, cvss n/a, epss 0.01

    OMERO.web is open source Django-based software for managing microscopy imaging. OMERO.web before version 5.9.0 supports redirection to a given URL after performing login or switching the group context. These URLs are not validated, allowing redirection to untrusted sites.…

  • CVE-2021-21338 (Mar 23, 2021)
    risk 0.00, cvss n/a, epss 0.01

    TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection, which allows attackers to redirect to arbitrary content, and…

  • CVE-2021-21337 (Mar 8, 2021)
    risk 0.00, cvss n/a, epss 0.08

    Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the…

  • CVE-2021-21273 (Feb 26, 2021)
    risk 0.00, cvss n/a, epss 0.02

    Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when…

  • CVE-2021-21330 (Feb 26, 2021)
    risk 0.00, cvss n/a, epss 0.02

    aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a…

  • CVE-2021-3189 (Feb 19, 2021)
    risk 0.00, cvss n/a, epss 0.01

    The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring.

  • CVE-2021-22881 (Feb 11, 2021)
    risk 0.00, cvss n/a, epss 0.87

    The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `Host` headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users…

  • CVE-2020-10734 (Feb 11, 2021)
    risk 0.00, cvss n/a, epss 0.00

    A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. Versions shipped with Red Hat Fuse 7, Red Hat Single Sign-on 7, and Red Hat Openshift Application Runtimes are believed to be vulnerable.

  • CVE-2021-21291 (Feb 2, 2021)
    risk 0.00, cvss n/a, epss 0.01

    OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. In OAuth2 Proxy before version 7.0.0, for users that use the whitelist domain feature, a…

  • CVE-2020-35678 (Dec 27, 2020)
    risk 0.00, cvss n/a, epss 0.01

    Autobahn|Python before 20.12.3 allows redirect header injection.

  • CVE-2020-26275 (Dec 21, 2020)
    risk 0.00, cvss n/a, epss 0.01

    The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect…

  • CVE-2020-29565 (Dec 4, 2020)
    risk 0.00, cvss n/a, epss 0.01

    An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic…

  • CVE-2020-26232 (Nov 24, 2020)
    risk 0.00, cvss n/a, epss 0.01

    Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably…

  • CVE-2020-26215 (Nov 18, 2020)
    risk 0.00, cvss n/a, epss 0.01

    Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be…

  • CVE-2020-28724 (Nov 18, 2020)
    risk 0.00, cvss n/a, epss 0.02

    Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.

  • CVE-2020-15241 (Oct 8, 2020)
    risk 0.00, cvss n/a, epss 0.01

    TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional operator in templates like `{showFullName ? fullName : defaultValue}`. Updated…

  • CVE-2020-15242 (Oct 8, 2020)
    risk 0.00, cvss n/a, epss 0.01

    Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Redirect. Specially encoded paths could be used with the trailing slash redirect to allow an open redirect to occur to an external site. In general, this redirect does not directly harm users, although it can allow for…

  • CVE-2020-15233 (Oct 2, 2020)
    risk 0.00, cvss n/a, epss 0.01

    ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite from version 0.30.2 and before version 0.34.1, there is an issue in which an attacker can override the registered redirect URL by performing an OAuth flow and requesting a redirect URL that is…

  • CVE-2020-15234 (Oct 2, 2020)
    risk 0.00, cvss n/a, epss 0.01

    ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite before version 0.34.1, the OAuth 2.0 Client's registered redirect URLs and the redirect URL provided at the OAuth2 Authorization Endpoint were compared using strings.ToLower while they should…