Search
Total
672 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11529 | 1 Getgrav | 1 Grav | 2021-05-17 | 5.8 MEDIUM | 6.1 MEDIUM |
| Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x. | |||||
| CVE-2020-13662 | 1 Drupal | 1 Drupal | 2021-05-13 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions. | |||||
| CVE-2020-23015 | 1 Opnsense | 1 Opnsense | 2021-05-11 | 5.8 MEDIUM | 6.1 MEDIUM |
| An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website. | |||||
| CVE-2021-28125 | 1 Apache | 1 Superset | 2021-05-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince the user to click the link. | |||||
| CVE-2020-21998 | 1 Homeautomation Project | 1 Homeautomation | 2021-05-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. | |||||
| CVE-2021-29137 | 1 Arubanetworks | 1 Airwave | 2021-05-03 | 5.8 MEDIUM | 6.1 MEDIUM |
| A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. | |||||
| CVE-2010-2471 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2021-04-28 | 5.8 MEDIUM | 6.1 MEDIUM |
| Drupal versions 5.x and 6.x has open redirection | |||||
| CVE-2021-29456 | 1 Authelia | 1 Authelia | 2021-04-27 | 4.9 MEDIUM | 5.4 MEDIUM |
| Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able to redirect users from the web application to any domain, including potentially malicious sites. This security issue does not directly impact the security of the web application itself. As a workaround, one can use a reverse proxy to strip the query parameter from the affected endpoint. There is a patch for version 4.28.0. | |||||
| CVE-2016-4334 | 1 Jivesoftware | 1 Jive | 2021-04-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| Jive before 2016.3.1 has an open redirect from the external-link.jspa page. | |||||
| CVE-2018-7692 | 1 Microfocus | 1 Edirectory | 2021-04-13 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | |||||
| CVE-2020-6365 | 1 Sap | 1 Netweaver Application Server Java | 2021-04-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits. | |||||
| CVE-2021-24210 | 1 Kiboit | 1 Phastpress | 2021-04-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page with the plugin and then redirect the victim to a malicious page. There is also a support comment from another user one year ago (https://wordpress.org/support/topic/phast-php-used-for-remote-fetch/) that says that the php involved in the request only go to whitelisted pages but it's possible to redirect the victim to any domain. | |||||
| CVE-2021-24165 | 1 Ninjaforms | 1 Ninja Forms | 2021-04-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place. | |||||
| CVE-2020-9995 | 1 Apple | 1 Macos Server | 2021-04-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Server 5.11. Processing a maliciously crafted URL may lead to an open redirect or cross site scripting. | |||||
| CVE-2021-29652 | 1 Pomerium | 1 Pomerium | 2021-04-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user sign-in/out process | |||||
| CVE-2021-29651 | 1 Pomerium | 1 Pomerium | 2021-04-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). | |||||
| CVE-2020-24550 | 1 Episerver | 1 Find | 2021-04-05 | 5.8 MEDIUM | 6.1 MEDIUM |
| An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL. | |||||
| CVE-2021-21476 | 1 Sap | 1 Ui5 | 2021-04-01 | 5.8 MEDIUM | 6.1 MEDIUM |
| SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | |||||
| CVE-2020-26275 | 1 Jupyter | 1 Jupyter Server | 2021-03-30 | 5.8 MEDIUM | 6.1 MEDIUM |
| The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a different malicious website. All jupyter servers running without a base_url prefix are technically affected, however, these maliciously crafted links can only be reasonably made for known jupyter server hosts. A link to your jupyter server may *appear* safe, but ultimately redirect to a spoofed server on the public internet. This same vulnerability was patched in upstream notebook v5.7.8. This is fixed in jupyter_server 1.1.1. If upgrade is not available, a workaround can be to run your server on a url prefix: "jupyter server --ServerApp.base_url=/jupyter/". | |||||
| CVE-2021-21377 | 1 Openmicroscopy | 1 Omero.web | 2021-03-27 | 4.9 MEDIUM | 5.4 MEDIUM |
| OMERO.web is open source Django-based software for managing microscopy imaging. OMERO.web before version 5.9.0 supports redirection to a given URL after performing login or switching the group context. These URLs are not validated, allowing redirection to untrusted sites. OMERO.web 5.9.0 adds URL validation before redirecting. External URLs are not considered valid, unless specified in the omero.web.redirect_allowed_hosts setting. | |||||
| CVE-2020-12483 | 1 Vivo | 1 Appstore | 2021-03-27 | 5.8 MEDIUM | 6.1 MEDIUM |
| The appstore before 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters. | |||||
| CVE-2021-21338 | 1 Typo3 | 1 Typo3 | 2021-03-26 | 5.8 MEDIUM | 6.1 MEDIUM |
| TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability. This is fixed in versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1. | |||||
| CVE-2019-14830 | 1 Moodle | 1 Moodle | 2021-03-22 | 5.8 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where the mobile launch endpoint contained an open redirect in some circumstances, which could result in a user's mobile access token being exposed. (Note: This does not affect sites with a forced URL scheme configured, mobile service disabled, or where the mobile app login method is "via the app"). | |||||
| CVE-2019-14831 | 1 Moodle | 1 Moodle | 2021-03-22 | 5.8 MEDIUM | 6.1 MEDIUM |
| A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where forum subscribe link contained an open redirect if forced subscription mode was enabled. If a forum's subscription mode was set to "forced subscription", the forum's subscribe link contained an open redirect. | |||||
| CVE-2021-21491 | 1 Sap | 1 Netweaver Application Server Java | 2021-03-17 | 5.8 MEDIUM | 6.1 MEDIUM |
| SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | |||||
| CVE-2020-28150 | 1 Inetsoftware | 1 I-net Clear Reports | 2021-03-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect. | |||||
| CVE-2021-21354 | 1 Mozilla | 1 Pollbot | 2021-03-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| Pollbot is open source software which "frees its human masters from the toilsome task of polling for the state of things during the Firefox release process." In Pollbot before version 1.4.4 there is an open redirection vulnerability in the path of "https://pollbot.services.mozilla.com/". An attacker can redirect anyone to malicious sites. To Reproduce type in this URL: "https://pollbot.services.mozilla.com//evil.com/". Affected versions will redirect to that website when you inject a payload like "//evil.com/". This is fixed in version 1.4.4. | |||||
| CVE-2020-29565 | 2 Debian, Openstack | 2 Debian Linux, Horizon | 2021-03-09 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provided malicious URL. | |||||
| CVE-2020-12283 | 1 Sourcegraph | 1 Sourcegraph | 2021-03-04 | 5.8 MEDIUM | 6.1 MEDIUM |
| Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring. | |||||
| CVE-2021-27404 | 1 Asus | 2 Askey Rtf8115vw, Askey Rtf8115vw Firmware | 2021-02-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header. | |||||
| CVE-2020-35560 | 1 Mbconnectline | 2 Mbconnect24, Mymbconnect24 | 2021-02-19 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect in the redirect.php. | |||||
| CVE-2021-22984 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2021-02-18 | 5.8 MEDIUM | 6.1 MEDIUM |
| On BIG-IP Advanced WAF and ASM version 15.1.x before 15.1.0.2, 15.0.x before 15.0.1.4, 14.1.x before 14.1.2.5, 13.1.x before 13.1.3.4, 12.1.x before 12.1.5.2, and 11.6.x before 11.6.5.2, when receiving a unauthenticated client request with a maliciously crafted URI, a BIG-IP Advanced WAF or ASM virtual server configured with a DoS profile with Proactive Bot Defense (versions prior to 14.1.0), or a Bot Defense profile (versions 14.1.0 and later), may subject clients and web servers to Open Redirection attacks. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. | |||||
| CVE-2020-22840 | 1 B2evolution | 1 B2evolution | 2021-02-17 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php. | |||||
| CVE-2021-21478 | 1 Sap | 1 Web Dynpro Abap | 2021-02-16 | 5.8 MEDIUM | 6.1 MEDIUM |
| SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | |||||
| CVE-2021-21291 | 1 Oauth2 Proxy Project | 1 Oauth2 Proxy | 2021-02-08 | 5.8 MEDIUM | 6.1 MEDIUM |
| OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. In OAuth2 Proxy before version 7.0.0, for users that use the whitelist domain feature, a domain that ended in a similar way to the intended domain could have been allowed as a redirect. For example, if a whitelist domain was configured for ".example.com", the intention is that subdomains of example.com are allowed. Instead, "example.com" and "badexample.com" could also match. This is fixed in version 7.0.0 onwards. As a workaround, one can disable the whitelist domain feature and run separate OAuth2 Proxy instances for each subdomain. | |||||
| CVE-2021-25757 | 1 Jetbrains | 1 Hub | 2021-02-04 | 5.8 MEDIUM | 6.1 MEDIUM |
| In JetBrains Hub before 2020.1.12629, an open redirect was possible. | |||||
| CVE-2020-1723 | 1 Redhat | 1 Mobile Application Platform | 2021-02-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| The logout endpoint /oauth/logout?redirect=url can be abused to redirect logged in users to arbitrary web pages. This vulnerability could be used in phishing attacks. Versions shipped with Red Hat Mobile Aplication Platform 4 are believed to be vulnerable. | |||||
| CVE-2020-29537 | 1 Rsa | 1 Archer | 2021-02-03 | 4.9 MEDIUM | 5.4 MEDIUM |
| Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. A remote privileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to the Archer application without the victims realizing an attack occurred. | |||||
| CVE-2021-22873 | 1 Revive-adserver | 1 Revive Adserver | 2021-02-02 | 5.8 MEDIUM | 6.1 MEDIUM |
| Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability. | |||||
| CVE-2019-11269 | 2 Oracle, Pivotal Software | 2 Banking Corporate Lending, Spring Security Oauth | 2021-01-30 | 5.8 MEDIUM | 5.4 MEDIUM |
| Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the redirect_uri parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. | |||||
| CVE-2019-3778 | 2 Oracle, Pivotal Software | 2 Banking Corporate Lending, Spring Security Oauth | 2021-01-30 | 6.4 MEDIUM | 6.5 MEDIUM |
| Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the "redirect_uri" parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and uses the DefaultRedirectResolver in the AuthorizationEndpoint. This vulnerability does not expose applications that: Act in the role of an Authorization Server and uses a different RedirectResolver implementation other than DefaultRedirectResolver, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient). | |||||
| CVE-2021-1218 | 1 Cisco | 1 Smart Software Manager On-prem | 2021-01-28 | 4.9 MEDIUM | 5.4 MEDIUM |
| A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request that could cause the web application to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious website. | |||||
| CVE-2021-1310 | 1 Cisco | 1 Webex Meetings | 2021-01-20 | 4.3 MEDIUM | 4.7 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website, bypassing the Webex URL check that should result in a warning before the redirection to the web page. Attackers may use this type of vulnerability, known as an open redirect attack, as part of a phishing attack to convince users to unknowingly visit malicious sites. | |||||
| CVE-2020-26979 | 1 Mozilla | 1 Firefox | 2021-01-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what the user was typing, perhaps by suggesting it. This vulnerability affects Firefox < 84. | |||||
| CVE-2020-29498 | 1 Dell | 1 Wyse Management Suite | 2021-01-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| Dell Wyse Management Suite versions prior to 3.1 contain an open redirect vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerability could be used to conduct phishing attacks that cause users to unknowingly visit malicious sites. | |||||
| CVE-2020-25846 | 1 Panorama Project | 1 Nhiservisignadapter | 2021-01-06 | 4.3 MEDIUM | 7.4 HIGH |
| The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential. | |||||
| CVE-2020-25845 | 1 Panorama Project | 1 Nhiservisignadapter | 2021-01-06 | 4.3 MEDIUM | 7.4 HIGH |
| Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential. | |||||
| CVE-2020-12666 | 1 Go-macaron | 1 Macaron | 2021-01-01 | 5.8 MEDIUM | 6.1 MEDIUM |
| macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL. | |||||
| CVE-2020-35678 | 1 Crossbar | 1 Autobahn | 2020-12-30 | 5.8 MEDIUM | 6.1 MEDIUM |
| Autobahn|Python before 20.12.3 allows redirect header injection. | |||||
| CVE-2020-27729 | 1 F5 | 1 Big-ip Access Policy Manager | 2020-12-28 | 5.8 MEDIUM | 6.1 MEDIUM |
| In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI. | |||||