CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Description
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-178
CVEs mapped to this weakness (835)
page 8 of 42| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-4604 | Med | 0.40 | 6.1 | 0.00 | Jun 26, 2024 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magarsus Consultancy SSO (Single Sign On) allows Manipulating Hidden Fields. This issue affects SSO (Single Sign On): from 1.0 before 1.1. | ||
| CVE-2024-4133 | Med | 0.40 | 6.1 | 0.01 | May 2, 2024 | The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 4.0.30. This is due to insufficient validation on the redirect url supplied via the… | ||
| CVE-2019-10955 | Med | 0.40 | 6.1 | 0.03 | Apr 25, 2019 | In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370… | ||
| CVE-2018-17870 | Med | 0.40 | 6.1 | 0.01 | Oct 1, 2018 | An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of account_change.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683. | ||
| CVE-2018-16954 | Med | 0.40 | 6.1 | 0.01 | Sep 18, 2018 | An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The login function of the portal is vulnerable to insecure redirection (also called an open redirect). The in_hi_redirect parameter is not validated by the application after a successful login. NOTE: this CVE… | ||
| CVE-2018-17074 | Med | 0.40 | 6.1 | 0.01 | Sep 16, 2018 | The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter. | ||
| CVE-2018-5548 | Med | 0.40 | 6.1 | 0.01 | Sep 13, 2018 | On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for orig_uri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts. | ||
| CVE-2018-16761 | Med | 0.40 | 6.1 | 0.02 | Sep 9, 2018 | Eventum before 3.4.0 has an open redirect vulnerability. | ||
| CVE-2018-14398 | Med | 0.40 | 6.1 | 0.01 | Sep 7, 2018 | An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials. | ||
| CVE-2018-14366 | Med | 0.40 | 6.1 | 0.01 | Sep 6, 2018 | download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability. | ||
| CVE-2018-1000671 | Med | 0.40 | 6.1 | 0.04 | Sep 6, 2018 | sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be… | ||
| CVE-2018-15683 | Med | 0.40 | 6.1 | 0.01 | Sep 5, 2018 | An issue was discovered in BTITeam XBTIT. The "returnto" parameter of the login page is vulnerable to an open redirect due to a lack of validation. If a user is already logged in when accessing the page, they will be instantly redirected. | ||
| CVE-2018-7692 | Med | 0.40 | 6.1 | 0.01 | Aug 9, 2018 | Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | ||
| CVE-2018-7091 | Med | 0.40 | 6.1 | 0.01 | Aug 6, 2018 | HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr. | ||
| CVE-2013-0594 | Med | 0.40 | 6.1 | 0.01 | Jul 11, 2018 | Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | ||
| CVE-2018-1355 | Med | 0.40 | 6.1 | 0.02 | Jun 27, 2018 | An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to… | ||
| CVE-2017-16652 | — | Med | 0.40 | 6.1 | 0.01 | Jun 13, 2018 | An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect… | |
| CVE-2017-5389 | Med | 0.40 | 6.1 | 0.01 | Jun 11, 2018 | WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without… | ||
| CVE-2017-16224 | Med | 0.40 | 6.1 | 0.01 | Jun 7, 2018 | st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 (redirect) to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most… | ||
| CVE-2018-10651 | Med | 0.40 | 6.1 | 0.01 | May 23, 2018 | There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. |
- risk 0.40cvss 6.1epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magarsus Consultancy SSO (Single Sign On) allows Manipulating Hidden Fields. This issue affects SSO (Single Sign On): from 1.0 before 1.1.
- risk 0.40cvss 6.1epss 0.01
The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 4.0.30. This is due to insufficient validation on the redirect url supplied via the…
- risk 0.40cvss 6.1epss 0.03
In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370…
- risk 0.40cvss 6.1epss 0.01
An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of account_change.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683.
- risk 0.40cvss 6.1epss 0.01
An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The login function of the portal is vulnerable to insecure redirection (also called an open redirect). The in_hi_redirect parameter is not validated by the application after a successful login. NOTE: this CVE…
- risk 0.40cvss 6.1epss 0.01
The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter.
- risk 0.40cvss 6.1epss 0.01
On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for orig_uri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts.
- risk 0.40cvss 6.1epss 0.02
Eventum before 3.4.0 has an open redirect vulnerability.
- risk 0.40cvss 6.1epss 0.01
An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials.
- risk 0.40cvss 6.1epss 0.01
download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.
- risk 0.40cvss 6.1epss 0.04
sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. that can result in Open redirection and reflected XSS via data URIs. This attack appear to be…
- risk 0.40cvss 6.1epss 0.01
An issue was discovered in BTITeam XBTIT. The "returnto" parameter of the login page is vulnerable to an open redirect due to a lack of validation. If a user is already logged in when accessing the page, they will be instantly redirected.
- risk 0.40cvss 6.1epss 0.01
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.
- risk 0.40cvss 6.1epss 0.01
HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.
- risk 0.40cvss 6.1epss 0.01
Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383.
- risk 0.40cvss 6.1epss 0.02
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature. An attacker may be able to…
- risk 0.40cvss 6.1epss 0.01
An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect…
- risk 0.40cvss 6.1epss 0.01
WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without…
- risk 0.40cvss 6.1epss 0.01
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 (redirect) to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most…
- risk 0.40cvss 6.1epss 0.01
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.