Latest URL Redirection to Untrusted Site ('Open Redirect') Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2020-09-09 CVE-2020-5627 Open Redirect vulnerability in Yodobashi 1.2.1.0/1.4.4/1.8.7
Yodobashi App for Android versions 1.8.7 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App.
5.8
2020-09-01 CVE-2020-24554 Open Redirect vulnerability in Liferay Portal
The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded, which allows remote attackers to perform a denial of service attack by making repeated requests for pages that do not exist.
network
low complexity
liferay
CWE-601
5.0
2020-08-28 CVE-2020-5623 Open Redirect vulnerability in Nitori
NITORI App for Android versions 6.0.4 and earlier and NITORI App for iOS versions 6.0.2 and earlier allow remote attackers to lead a user to access an arbitrary website via the vulnerable App.
5.8
2020-08-26 CVE-2020-24598 Open Redirect vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.21.
5.8
2020-08-25 CVE-2020-5541 Open Redirect vulnerability in Cybersolutions Cybermail 6.0/7.0
Open redirect vulnerability in CyberMail Ver.6.x and Ver.7.x allows remote attackers to redirect users to arbitrary sites and conduct phishing attacks via a specially crafted URL.
5.8
2020-08-24 CVE-2020-10775 Open Redirect vulnerability in multiple products
An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks.
network
high complexity
oracle
redhat
CWE-601
2.6
2020-08-24 CVE-2020-4598 Open Redirect vulnerability in IBM Security Guardium Insights 2.0.1
IBM Security Guardium Insights 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
5.8
2020-08-19 CVE-2020-4653 Open Redirect vulnerability in IBM Planning Analytics 2.0
IBM Planning Analytics 2.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
ibm
CWE-601
5.8
2020-07-30 CVE-2020-15129 Open Redirect vulnerability in Containous Traefik
In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header.
network
high complexity
containous
CWE-601
4.0
2020-07-23 CVE-2020-7520 Open Redirect vulnerability in Schneider-Electric Software Update Utility 1.0/1.0.13/1.1
A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on the victim's machine.
network
high complexity
schneider-electric
CWE-601
4.0