Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2022-06-22 CVE-2022-23078 Open Redirect vulnerability in Habitica
In habitica versions v4.119.0 through v4.232.2 are vulnerable to open redirect via the login page.
network
habitica CWE-601
5.8
2022-06-17 CVE-2022-32444 Open Redirect vulnerability in Yuba U5Cms 8.3.5
An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php.
network
yuba CWE-601
5.8
2022-06-13 CVE-2022-31040 Open Redirect vulnerability in Maykinmedia Open Forms
Open Forms is an application for creating and publishing smart forms.
5.8
2022-06-02 CVE-2022-29718 Open Redirect vulnerability in Caddyserver Caddy
Caddy v2.4 was discovered to contain an open redirect vulnerability.
5.8
2022-06-02 CVE-2022-23237 Open Redirect vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites.
network
netapp CWE-601
5.8
2022-05-21 CVE-2022-29214 Open Redirect vulnerability in Nextauth.Js Next-Auth
NextAuth.js (next-auth) is am open source authentication solution for Next.js applications.
5.8
2022-05-20 CVE-2022-29170 Open Redirect vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
grafana CWE-601
4.9
2022-05-18 CVE-2022-1774 Open Redirect vulnerability in Diagrams Draw.Io
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7.
network
diagrams CWE-601
5.8
2022-05-18 CVE-2022-30992 Open Redirect vulnerability in Acronis Cyber Protect 15
Open redirect via user-controlled query parameter.
network
acronis CWE-601
5.8
2022-05-13 CVE-2022-1702 Open Redirect vulnerability in Sonicwall products
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.
network
sonicwall CWE-601
5.8