Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2022-07-14 CVE-2022-25803 Open Redirect vulnerability in Bestpractical Request Tracker
Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search.
network
low complexity
bestpractical CWE-601
6.1
2022-07-12 CVE-2022-33712 Open Redirect vulnerability in Samsung Camera
Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information.
network
low complexity
samsung CWE-601
5.3
2022-07-08 CVE-2022-35406 Open Redirect vulnerability in Portswigger Burp Suite
A URL disclosure issue was discovered in Burp Suite before 2022.6.
network
low complexity
portswigger CWE-601
4.3
2022-07-01 CVE-2022-2250 Open Redirect vulnerability in Gitlab
An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary location if they trust the URL.
network
low complexity
gitlab CWE-601
6.1
2022-06-29 CVE-2017-20119 Open Redirect vulnerability in Trueconf Server 4.3.7.12219/4.3.7.12255
A vulnerability classified as problematic has been found in TrueConf Server 4.3.7.
network
low complexity
trueconf CWE-601
6.1
2022-06-29 CVE-2020-26877 Open Redirect vulnerability in Apifest Oauth 2.0 Server 0.3.1
ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack.
network
low complexity
apifest CWE-601
6.1
2022-06-29 CVE-2022-29272 Open Redirect vulnerability in Nagios XI
In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing.
network
low complexity
nagios CWE-601
6.1
2022-06-28 CVE-2022-30562 Open Redirect vulnerability in Dahuasecurity products
If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page.
network
high complexity
dahuasecurity CWE-601
4.7
2022-06-27 CVE-2022-33146 Open Redirect vulnerability in Web2Py
Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
network
low complexity
web2py CWE-601
6.1
2022-06-17 CVE-2022-32444 Open Redirect vulnerability in Yuba U5Cms 8.3.5
An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php.
network
low complexity
yuba CWE-601
6.1