Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-29 | CVE-2017-20119 | Open Redirect vulnerability in Trueconf Server 4.3.7.12219/4.3.7.12255 A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. | 6.1 |
| 2022-06-29 | CVE-2020-26877 | Open Redirect vulnerability in Apifest Oauth 2.0 Server 0.3.1 ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. | 6.1 |
| 2022-06-29 | CVE-2022-29272 | Open Redirect vulnerability in Nagios XI In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing. | 6.1 |
| 2022-06-28 | CVE-2022-30562 | Open Redirect vulnerability in Dahuasecurity products If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page. | 4.7 |
| 2022-06-27 | CVE-2022-33146 | Open Redirect vulnerability in Web2Py Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. | 6.1 |
| 2022-06-17 | CVE-2022-32444 | Open Redirect vulnerability in Yuba U5Cms 8.3.5 An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php. | 6.1 |
| 2022-06-13 | CVE-2022-31040 | Open Redirect vulnerability in Maykinmedia Open Forms Open Forms is an application for creating and publishing smart forms. | 6.1 |
| 2022-06-02 | CVE-2022-29718 | Open Redirect vulnerability in Caddyserver Caddy Caddy v2.4 was discovered to contain an open redirect vulnerability. | 6.1 |
| 2022-06-02 | CVE-2022-23237 | Open Redirect vulnerability in Netapp E-Series Santricity OS Controller E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites. | 6.1 |
| 2022-05-18 | CVE-2022-1774 | Open Redirect vulnerability in Diagrams Drawio Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7. | 6.1 |