Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-12 | CVE-2022-46683 | Open Redirect vulnerability in Jenkins Google Login 1.4/1.6 Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins. | 6.1 |
2022-12-07 | CVE-2022-45917 | Open Redirect vulnerability in Ilias ILIAS before 7.16 has an Open Redirect. | 6.1 |
2022-12-06 | CVE-2022-41559 | Open Redirect vulnerability in Tibco Nimbus 10.5.0 The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. | 9.3 |
2022-12-05 | CVE-2022-43479 | Open Redirect vulnerability in Ss-Proj Shirasagi 1.14.4/1.15.0 Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allows a remote unauthenticated attacker to redirect users to an arbitrary web site and conduct a phishing attack. | 6.1 |
2022-11-18 | CVE-2021-22141 | Open Redirect vulnerability in Elastic Kibana An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. | 6.1 |
2022-11-09 | CVE-2022-3280 | Open Redirect vulnerability in Gitlab An open redirect in GitLab CE/EE affecting all versions from 10.1 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick users into visiting a trustworthy URL and being redirected to arbitrary content. | 6.1 |
2022-11-09 | CVE-2022-3486 | Open Redirect vulnerability in Gitlab An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL. | 6.1 |
2022-10-31 | CVE-2022-28763 | Open Redirect vulnerability in Zoom Meetings and Virtual Desktop Infrastructure The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. | 9.6 |
2022-10-26 | CVE-2022-39359 | Open Redirect vulnerability in Metabase Metabase is data visualization software. | 6.5 |
2022-10-25 | CVE-2022-38197 | Open Redirect vulnerability in Esri Arcgis Server Esri ArcGIS Server versions 10.9.1 and below have an unvalidated redirect issue that may allow a remote, unauthenticated attacker to phish a user into accessing an attacker controlled website via a crafted query parameter. | 6.1 |