VYPR

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Base | Draft | Likelihood: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (835)

page 4 of 42
  • CVE-2016-9451 (Medium) Nov 25, 2016
    risk 0.44 | cvss 6.8 | epss 0.02

    Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors.

  • CVE-2016-0204 (Medium) Oct 16, 2016
    risk 0.44 | cvss 6.8 | epss 0.01

    Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4.0 FP3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2016-5977 (Medium) Sep 26, 2016
    risk 0.44 | cvss 6.8 | epss 0.01

    Open redirect vulnerability in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3…

  • CVE-2016-3040 (Medium) Sep 26, 2016
    risk 0.44 | cvss 6.8 | epss 0.01

    IBM WebSphere Application Server (WAS) Liberty, as used in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2016-5878 (Medium) Aug 8, 2016
    risk 0.44 | cvss 6.8 | epss 0.01

    Open redirect vulnerability in IBM FileNet Workplace 4.0.2 before 4.0.2.14 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

  • CVE-2026-43576 (High) May 6, 2026
    risk 0.43 | cvss 7.7 | epss 0.00

    OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop targets. The webSocketDebuggerUrl response field is not properly validated, enabling attackers to…

  • CVE-2018-0924 (Medium) Mar 14, 2018
    risk 0.43 | cvss 6.5 | epss 0.08

    Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016 Cumulative Update 7, and…

  • CVE-2015-3898 (Medium) Feb 28, 2018
    risk 0.43 | cvss 6.1 | epss 0.06

    Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1) bonita/login.jsp or (2) bonita/loginservice.

  • CVE-2015-4668 (Medium) Sep 25, 2017
    risk 0.43 | cvss 6.1 | epss 0.07

    Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.

  • CVE-2012-0518 (Medium, KEV) Oct 16, 2012
    risk 0.43 | cvss 4.7 | epss 0.05

    Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.

  • CVE-2005-4206 (Medium) Dec 13, 2005
    risk 0.43 | cvss 6.1 | epss 0.02

    Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame…

  • CVE-2026-34315 (Medium) Apr 21, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2026-23817 (Medium) Mar 11, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.

  • CVE-2025-7777 (Medium) Aug 20, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    The mirror-registry does not properly sanitize the Host HTTP header in received HTTP requests, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campaigns.

  • CVE-2024-54728 (Medium) Jan 27, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs.

  • CVE-2024-56972 (Medium) Jan 27, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link.

  • CVE-2024-56971 (Medium) Jan 27, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    An issue in Zhiyuan Yuedu (Guangzhou) Literature Information Technology Co., Ltd Shuqi Novel iOS 5.3.8 allows attackers to access sensitive user information via supplying a crafted link.

  • CVE-2024-56969 (Medium) Jan 27, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    An issue in Pixocial Technology (Singapore) Pte. Ltd BeautyPlus iOS 7.8.010 allows attackers to access sensitive user information via supplying a crafted link.

  • CVE-2024-56968 (Medium) Jan 27, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    An issue in Shenzhen Intellirocks Tech Co. Ltd Govee Home iOS 6.5.01 allows attackers to access sensitive user information via supplying a crafted payload.

  • CVE-2024-56967 (Medium) Jan 27, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    An issue in Cloud Whale Interactive Technology LLC. PolyBuzz iOS 2.0.20 allows attackers to access sensitive user information via supplying a crafted link.