Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2023-07-12 CVE-2023-37947 Open Redirect vulnerability in Jenkins Openshift Login
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
network
low complexity
jenkins CWE-601
6.1
2023-07-05 CVE-2023-3515 Open Redirect vulnerability in Gitea
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.
network
high complexity
gitea CWE-601
4.4
2023-07-04 CVE-2023-3139 Open Redirect vulnerability in Wp-Experts Protect WP Admin
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a redirection of a crafted URL, bypassing the protection offered.
network
low complexity
wp-experts CWE-601
6.1
2023-07-01 CVE-2023-28364 Open Redirect vulnerability in Brave Browser
An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first.
network
low complexity
brave CWE-601
6.1
2023-06-29 CVE-2022-46407 Open Redirect vulnerability in Ericsson Network Manager 21.2/22.1
Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment.
network
low complexity
ericsson CWE-601
4.8
2023-06-23 CVE-2023-35171 Open Redirect vulnerability in Nextcloud Server 26.0.0/26.0.1
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform.
network
low complexity
nextcloud CWE-601
6.1
2023-06-22 CVE-2023-28799 Open Redirect vulnerability in Zscaler Client Connector
A URL parameter during login flow was vulnerable to injection.
network
low complexity
zscaler CWE-601
6.1
2023-06-21 CVE-2023-33405 Open Redirect vulnerability in Blogengine Blogengine.Net
Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect.
network
low complexity
blogengine CWE-601
6.1
2023-06-19 CVE-2023-34415 Open Redirect vulnerability in Mozilla Firefox
When choosing a site-isolated process for a document loaded from a data: URL that was the result of a redirect, Firefox would load that document in the same process as the site that issued the redirect.
network
low complexity
mozilla CWE-601
6.1
2023-06-15 CVE-2023-24030 Open Redirect vulnerability in Zimbra Collaboration 8.8.15/9.0.0
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15.
network
low complexity
zimbra CWE-601
6.1