Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-12-12 | CVE-2022-46683 | Open Redirect vulnerability in Jenkins Google Login 1.4/1.6 | Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins. | network | low | jenkins | CWE-601 | 6.1 |
| 2022-12-07 | CVE-2022-45917 | Open Redirect vulnerability in Ilias | ILIAS before 7.16 has an Open Redirect. | network | low | ilias | CWE-601 | 6.1 |
| 2022-12-06 | CVE-2022-41559 | Open Redirect vulnerability in Tibco Nimbus 10.5.0 | The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. | network | low | tibco | CWE-601 | critical 9.3 |
| 2022-12-05 | CVE-2022-43479 | Open Redirect vulnerability in Ss-Proj Shirasagi 1.14.4/1.15.0 | Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allows a remote unauthenticated attacker to redirect users to an arbitrary web site and conduct a phishing attack. | network | low | ss-proj | CWE-601 | 6.1 |
| 2022-11-18 | CVE-2021-22141 | Open Redirect vulnerability in Elastic Kibana | An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. | network | low | elastic | CWE-601 | 6.1 |
| 2022-11-09 | CVE-2022-3280 | Open Redirect vulnerability in Gitlab | An open redirect in GitLab CE/EE affecting all versions from 10.1 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick users into visiting a trustworthy URL and being redirected to arbitrary content. | network | low | gitlab | CWE-601 | 6.1 |
| 2022-11-09 | CVE-2022-3486 | Open Redirect vulnerability in Gitlab | An open redirect vulnerability in GitLab EE/CE affecting all versions from 9.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to redirect users to an arbitrary location if they trust the URL. | network | low | gitlab | CWE-601 | 6.1 |
| 2022-10-31 | CVE-2022-28763 | Open Redirect vulnerability in Zoom Meetings and Virtual Desktop Infrastructure | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. | network | low | zoom | CWE-601 | critical 9.6 |
| 2022-10-26 | CVE-2022-39359 | Open Redirect vulnerability in Metabase | Metabase is data visualization software. | network | low | metabase | CWE-601 | 6.5 |
| 2022-10-25 | CVE-2022-38197 | Open Redirect vulnerability in Esri Arcgis Server | Esri ArcGIS Server versions 10.9.1 and below have an unvalidated redirect issue that may allow a remote, unauthenticated attacker to phish a user into accessing an attacker controlled website via a crafted query parameter. | network | low | esri | CWE-601 | 6.1 |