Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-04 | CVE-2022-20794 | Open Redirect vulnerability in Cisco Telepresence Collaboration Endpoint Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. | 4.7 |
| 2022-05-04 | CVE-2022-27461 | Open Redirect vulnerability in Nopcommerce In nopCommerce 4.50.1, an open redirect vulnerability can be triggered by luring a user to authenticate to a nopCommerce page by clicking on a crafted link. | 6.1 |
| 2022-05-02 | CVE-2022-26326 | Open Redirect vulnerability in Microfocus Netiq Access Manager Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2 | 6.1 |
| 2022-04-27 | CVE-2022-24887 | Open Redirect vulnerability in Nextcloud Talk Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. | 6.1 |
| 2022-04-21 | CVE-2020-14118 | Open Redirect vulnerability in MI APP Store An intent redirection vulnerability in the Mi App Store product. | 6.1 |
| 2022-04-20 | CVE-2022-1254 | Open Redirect vulnerability in Mcafee web Gateway A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by the attacker. | 6.1 |
| 2022-04-19 | CVE-2022-24858 | Open Redirect vulnerability in Nextauth.Js Next-Auth next-auth v3 users before version 3.29.2 are impacted. | 6.1 |
| 2022-04-19 | CVE-2022-0645 | Open Redirect vulnerability in Posthog Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1. | 6.1 |
| 2022-04-13 | CVE-2022-27256 | Open Redirect vulnerability in Hubzilla A PHP Local File inclusion vulnerability in the Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter. | 6.1 |
| 2022-04-06 | CVE-2022-27109 | Open Redirect vulnerability in Orangehrm 4.10 OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability. | 5.4 |