Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-15 | CVE-2023-35029 | Open Redirect vulnerability in Liferay DXP and Liferay Portal Open redirect vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to redirect users to arbitrary external URLs via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter. | 6.1 |
2023-06-07 | CVE-2021-4348 | Open Redirect vulnerability in Createit Ultimate Gdpr & Ccpa Compliance Toolkit The Ultimate GDPR & CCPA plugin for WordPress is vulnerable to unauthenticated settings import and export via the export_settings & import_settings functions in versions up to, and including, 2.4. | 6.1 |
2023-06-06 | CVE-2023-32551 | Open Redirect vulnerability in Canonical Landscape Landscape allowed URLs which caused open redirection. | 6.1 |
2023-06-02 | CVE-2023-29540 | Open Redirect vulnerability in Mozilla Firefox and Focus Using a redirect embedded into <code>sourceMappingUrls</code> could allow for navigation to external protocol links in sandboxed iframes without <code>allow-top-navigation-to-custom-protocols</code>. | 6.1 |
2023-05-30 | CVE-2023-32218 | Open Redirect vulnerability in Avaya IX Workforce Engagement 15.2.7.1195 Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect') | 6.1 |
2023-05-30 | CVE-2023-23754 | Open Redirect vulnerability in Joomla Joomla! An issue was discovered in Joomla! 4.2.0 through 4.3.1. | 6.1 |
2023-05-30 | CVE-2023-20884 | Open Redirect vulnerability in VMWare products VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure. | 6.1 |
2023-05-25 | CVE-2023-28370 | Open Redirect vulnerability in Tornadoweb Tornado Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. | 6.1 |
2023-05-08 | CVE-2020-21038 | Open Redirect vulnerability in Typecho 1.117.10.30 Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php. | 6.1 |
2023-05-03 | CVE-2022-43950 | Open Redirect vulnerability in Fortinet Fortinac and Fortinac-F A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL. | 4.7 |