Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2023-05-30 CVE-2023-32218 Open Redirect vulnerability in Avaya IX Workforce Engagement 15.2.7.1195
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
network
low complexity
avaya CWE-601
6.1
2023-05-30 CVE-2023-23754 Open Redirect vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 4.2.0 through 4.3.1.
network
low complexity
joomla CWE-601
6.1
2023-05-30 CVE-2023-20884 Open Redirect vulnerability in VMware products
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker-controlled domain due to improper path handling, leading to sensitive information disclosure.
network
low complexity
vmware CWE-601
6.1
2023-05-25 CVE-2023-28370 Open Redirect vulnerability in Tornadoweb Tornado
Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL.
network
low complexity
tornadoweb CWE-601
6.1
2023-05-09 CVE-2023-25829 Open Redirect vulnerability in Esri Portal for ArcGIS 10.9.1/11.0
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.
network
low complexity
esri CWE-601
6.1
2023-05-08 CVE-2020-21038 Open Redirect vulnerability in Typecho 1.117.10.30
Open redirect vulnerability in Typecho 1.1-17.10.30-release via the referer parameter to Login.php.
network
low complexity
typecho CWE-601
6.1
2023-05-03 CVE-2022-43950 Open Redirect vulnerability in Fortinet FortiNAC and FortiNAC-F
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.
network
low complexity
fortinet CWE-601
4.7
2023-05-03 CVE-2023-0155 Open Redirect vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1.
network
low complexity
gitlab CWE-601
5.4
2023-05-02 CVE-2023-2000 Open Redirect vulnerability in Mattermost Desktop
Mattermost Desktop App fails to validate a Mattermost server redirection and navigates to an arbitrary website.
network
low complexity
mattermost CWE-601
5.4
2023-04-14 CVE-2022-46886 Open Redirect vulnerability in ServiceNow Quebec/Rome/San Diego
There exists an open redirect within the response list update functionality of ServiceNow.
network
low complexity
servicenow CWE-601
6.1