Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2022-39183 | Open Redirect vulnerability in Moodle Saml Authentication Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors. | 6.1 |
| 2023-01-12 | CVE-2023-0042 | Open Redirect vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. | 6.1 |
| 2023-01-11 | CVE-2023-22958 | Open Redirect vulnerability in Syracom Secure Login The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target parameter. | 6.1 |
| 2023-01-07 | CVE-2017-20164 | Open Redirect vulnerability in Symbiote Seed 6.0.0/6.0.1/6.0.2 A vulnerability was found in Symbiote Seed up to 6.0.2. | 6.1 |
| 2023-01-03 | CVE-2022-3614 | Open Redirect vulnerability in Octopus Server In affected versions of Octopus Deploy users of certain browsers using AD to sign-in to Octopus Server were able to bypass authentication checks and be redirected to the configured redirect url without any validation. | 6.1 |
| 2022-12-27 | CVE-2022-4720 | Open Redirect vulnerability in Ikus-Soft Rdiffweb Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. | 6.1 |
| 2022-12-22 | CVE-2022-29910 | Open Redirect vulnerability in Mozilla Firefox When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.<br>*Note: This issue only affected Firefox for Android. | 6.1 |
| 2022-12-22 | CVE-2022-29912 | Open Redirect vulnerability in Mozilla Thunderbird Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. | 6.1 |
| 2022-12-22 | CVE-2022-34474 | Open Redirect vulnerability in Mozilla Firefox Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. | 6.1 |
| 2022-12-22 | CVE-2022-36316 | Open Redirect vulnerability in Mozilla Firefox When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. | 6.1 |