Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-29 | CVE-2020-26938 | Open Redirect vulnerability in Oauth2-Server Project Oauth2-Server In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. | 7.2 |
2022-08-29 | CVE-2022-27547 | Open Redirect vulnerability in Hcltech Domino and HCL Inotes HCL iNotes is susceptible to a link to non-existent domain vulnerability. | 7.4 |
2022-08-23 | CVE-2021-28861 | Open Redirect vulnerability in multiple products Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. | 7.4 |
2022-08-16 | CVE-2022-25799 | Open Redirect vulnerability in Cert Vince 1.48.0/1.49.0 An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. | 6.1 |
2022-08-11 | CVE-2022-28755 | Open Redirect vulnerability in Zoom The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. | 6.1 |
2022-08-05 | CVE-2022-31657 | Open Redirect vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. | 9.8 |
2022-08-02 | CVE-2021-23385 | Open Redirect vulnerability in Flask-Security Project Flask-Security This affects all versions of package Flask-Security. | 6.1 |
2022-07-28 | CVE-2022-27509 | Open Redirect vulnerability in Citrix Application Delivery Controller Firmware and Gateway Unauthenticated redirection to a malicious website | 6.1 |
2022-07-26 | CVE-2022-30706 | Open Redirect vulnerability in Twinkletoessoftware Booked Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. | 6.1 |
2022-07-25 | CVE-2022-35652 | Open Redirect vulnerability in multiple products An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. | 6.1 |