Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2022-11-28 CVE-2022-41965 Open Redirect vulnerability in Apereo Opencast
Opencast is a free, open-source platform to support the management of educational audio and video content.
network
low complexity
apereo CWE-601
6.1
2022-11-18 CVE-2021-22141 Open Redirect vulnerability in Elastic Kibana
An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16.
network
low complexity
elastic CWE-601
6.1
2022-11-15 CVE-2022-38201 Open Redirect vulnerability in Esri Arcgis Quickcapture
An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1.
network
low complexity
esri CWE-601
6.1
2022-11-15 CVE-2022-45402 Open Redirect vulnerability in Apache Airflow
In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint.
network
low complexity
apache CWE-601
6.1
2022-11-09 CVE-2022-3280 Open Redirect vulnerability in Gitlab
An open redirect in GitLab CE/EE affecting all versions from 10.1 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick users into visiting a trustworthy URL and being redirected to arbitrary content.
network
low complexity
gitlab CWE-601
6.1
2022-11-09 CVE-2022-3486 Open Redirect vulnerability in Gitlab
An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL.
network
low complexity
gitlab CWE-601
6.1
2022-11-08 CVE-2022-41207 Open Redirect vulnerability in SAP Biller Direct 635/750
SAP Biller Direct allows an unauthenticated attacker to craft a legitimate looking URL.
network
low complexity
sap CWE-601
6.1
2022-11-08 CVE-2022-41215 Open Redirect vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation.
network
low complexity
sap CWE-601
4.7
2022-11-02 CVE-2022-43985 Open Redirect vulnerability in Apache Airflow
In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's `/confirm` endpoint.
network
low complexity
apache CWE-601
6.1
2022-11-01 CVE-2022-3797 Open Redirect vulnerability in Eolink Apinto-Dashboard
A vulnerability was found in eolinker apinto-dashboard.
network
low complexity
eolink CWE-601
6.1