Vulnerabilities: URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-16 | CVE-2022-43721 | Open Redirect vulnerability in Apache Superset. An authenticated attacker with update datasets permission could change a dataset link to an untrusted site; users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0. | 5.4 |
2023-01-15 | CVE-2015-10052 | Open Redirect vulnerability in Gibb-Modul-151 Project Gibb-Modul-151. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in calesanz gibb-modul-151. | 6.1 |
2023-01-12 | CVE-2022-3145 | Open Redirect vulnerability in Okta OIDC Middleware. An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL. | 4.7 |
2023-01-12 | CVE-2022-39183 | Open Redirect vulnerability in Moodle SAML Authentication. Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors. | 6.1 |
2023-01-12 | CVE-2023-0042 | Open Redirect vulnerability in GitLab. An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. | 6.1 |
2023-01-11 | CVE-2023-22958 | Open Redirect vulnerability in Syracom Secure Login. The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target parameter. | 6.1 |
2023-01-07 | CVE-2017-20164 | Open Redirect vulnerability in Symbiote Seed 6.0.0/6.0.1/6.0.2. A vulnerability was found in Symbiote Seed up to 6.0.2. | 6.1 |
2023-01-03 | CVE-2022-3614 | Open Redirect vulnerability in Octopus Server. In affected versions of Octopus Deploy, users of certain browsers using AD to sign in to Octopus Server were able to bypass authentication checks and be redirected to the configured redirect URL without any validation. | 6.1 |
2022-12-29 | CVE-2022-38208 | Open Redirect vulnerability in Esri Portal for ArcGIS. There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks. | 6.1 |
2022-12-27 | CVE-2022-4720 | Open Redirect vulnerability in Ikus-Soft Rdiffweb. Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. | 6.1 |