Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2022-05-02 CVE-2022-26326 Open Redirect vulnerability in Microfocus Netiq Access Manager
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
network
low complexity
microfocus CWE-601
6.1
2022-04-27 CVE-2022-24887 Open Redirect vulnerability in Nextcloud Talk
Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform.
network
low complexity
nextcloud CWE-601
6.1
2022-04-21 CVE-2020-14118 Open Redirect vulnerability in MI APP Store
An intent redirection vulnerability in the Mi App Store product.
network
low complexity
mi CWE-601
6.1
2022-04-20 CVE-2022-1254 Open Redirect vulnerability in Mcafee web Gateway
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by the attacker.
network
low complexity
mcafee CWE-601
6.1
2022-04-19 CVE-2022-24858 Open Redirect vulnerability in Nextauth.Js Next-Auth
next-auth v3 users before version 3.29.2 are impacted.
network
low complexity
nextauth-js CWE-601
6.1
2022-04-19 CVE-2022-0645 Open Redirect vulnerability in Posthog
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1.
network
low complexity
posthog CWE-601
6.1
2022-04-13 CVE-2022-27256 Open Redirect vulnerability in Hubzilla
A PHP Local File inclusion vulnerability in the Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.
network
low complexity
hubzilla CWE-601
6.1
2022-04-06 CVE-2022-27109 Open Redirect vulnerability in Orangehrm 4.10
OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability.
network
low complexity
orangehrm CWE-601
5.4
2022-04-06 CVE-2022-27110 Open Redirect vulnerability in Orangehrm 4.10
OrangeHRM 4.10 is vulnerable to a Host header injection redirect via viewPersonalDetails endpoint.
network
low complexity
orangehrm CWE-601
5.4
2022-04-05 CVE-2022-27463 Open Redirect vulnerability in Wwbn Avideo
Open redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6, allows attackers to arbitrarily redirect users from a crafted url to the login page.
network
low complexity
wwbn CWE-601
6.1