Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2023-02-09 | CVE-2023-22797 | Open Redirect vulnerability in multiple products | An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. | network | low | rubyonrails, actionpack-project | CWE-601 | 6.1 |
| 2023-02-09 | CVE-2023-22798 | Open Redirect vulnerability in Brave Adblock-Lists | Prior to commit 51867e0d15a6d7f80d5b714fd0e9976b9c160bb0, https://github.com/brave/adblock-lists removed redirect interceptors on some websites like Facebook in which the redirect interceptor may have been there for security purposes. | network | low | brave | CWE-601 | 6.1 |
| 2023-02-08 | CVE-2023-0748 | Open Redirect vulnerability in Btcpayserver | Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6. | network | low | btcpayserver | CWE-601 | 6.1 |
| 2023-02-06 | CVE-2022-28923 | Open Redirect vulnerability in Caddyserver Caddy 2.4.6 | Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs. | network | low | caddyserver | CWE-601 | 6.1 |
| 2023-02-01 | CVE-2023-22418 | Open Redirect vulnerability in F5 products | On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.7, 14.1.x before 14.1.5.3, and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. | network | low | f5 | CWE-601 | 6.1 |
| 2023-01-27 | CVE-2022-44717 | Open Redirect vulnerability in Netscout Ngeniusone 6.3.2 | An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. | network | high | netscout | CWE-601 | 3.1 |
| 2023-01-27 | CVE-2022-44718 | Open Redirect vulnerability in Netscout Ngeniusone 6.3.2 | An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. | network | low | netscout | CWE-601 | 3.5 |
| 2023-01-26 | CVE-2023-24445 | Open Redirect vulnerability in Jenkins Openid | Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins. | network | low | jenkins | CWE-601 | 6.1 |
| 2023-01-22 | CVE-2023-24044 | Open Redirect vulnerability in Plesk Obsidian 18.0.17 | A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header. | network | low | plesk | CWE-601 | 6.1 |
| 2023-01-17 | CVE-2023-22298 | Open Redirect vulnerability in multiple products | Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL. | network | low | pgadmin, fedoraproject | CWE-601 | 6.1 |