Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-13 | CVE-2022-31040 | Open Redirect vulnerability in Maykinmedia Open Forms Open Forms is an application for creating and publishing smart forms. | 6.1 |
2022-06-02 | CVE-2022-29718 | Open Redirect vulnerability in Caddyserver Caddy Caddy v2.4 was discovered to contain an open redirect vulnerability. | 6.1 |
2022-06-02 | CVE-2022-23237 | Open Redirect vulnerability in Netapp E-Series Santricity OS Controller E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites. | 6.1 |
2022-05-18 | CVE-2022-1774 | Open Redirect vulnerability in Diagrams Drawio Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7. | 6.1 |
2022-05-18 | CVE-2022-30992 | Open Redirect vulnerability in Acronis Cyber Protect 15 Open redirect via user-controlled query parameter. | 6.1 |
2022-05-13 | CVE-2022-1702 | Open Redirect vulnerability in Sonicwall products SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability. | 6.1 |
2022-05-12 | CVE-2022-22797 | Open Redirect vulnerability in Sysaid 21.1.30/21.1.50/21.4.45 Sysaid – sysaid Open Redirect - An Attacker can change the redirect link at the parameter "redirectURL" from"GET" request from the url location: /CommunitySSORedirect.jsp?redirectURL=https://google.com. | 6.1 |
2022-05-05 | CVE-2021-44054 | Open Redirect vulnerability in Qnap Qts, Quts Hero and Qutscloud An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS. | 6.1 |
2022-05-04 | CVE-2022-20794 | Open Redirect vulnerability in Cisco Telepresence Collaboration Endpoint Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. | 4.7 |
2022-05-04 | CVE-2022-27461 | Open Redirect vulnerability in Nopcommerce In nopCommerce 4.50.1, an open redirect vulnerability can be triggered by luring a user to authenticate to a nopCommerce page by clicking on a crafted link. | 6.1 |