Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2020-18985 Open Redirect vulnerability in Synacor Zimbra Collaboration Suite 8.8.12
An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to redirect users to any arbitrary website of their choosing.
network
low complexity
synacor CWE-601
6.1
2021-12-08 CVE-2021-43532 Open Redirect vulnerability in Mozilla Firefox
The 'Copy Image Link' context menu action would copy the final image URL after redirects.
network
low complexity
mozilla CWE-601
6.1
2021-12-08 CVE-2021-36191 Open Redirect vulnerability in Fortinet Fortiweb
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to use the device as proxy via crafted GET parameters in requests to error handlers
network
low complexity
fortinet CWE-601
5.4
2021-12-08 CVE-2021-43064 Open Redirect vulnerability in Fortinet Fortiweb
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers.
network
low complexity
fortinet CWE-601
6.1
2021-11-30 CVE-2021-42564 Open Redirect vulnerability in Cryptshare Server
An open redirect through HTML injection in confidential messages in Cryptshare before 5.1.0 allows remote attackers (with permission to provide confidential messages via Cryptshare) to redirect targeted victims to any URL via the '<meta http-equiv="refresh"' substring in the editor parameter.
network
low complexity
cryptshare CWE-601
5.4
2021-11-24 CVE-2021-43777 Open Redirect vulnerability in Redash
Redash is a package for data visualization and sharing.
network
low complexity
redash CWE-601
6.1
2021-11-23 CVE-2021-38000 Open Redirect vulnerability in multiple products
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-601
6.1
2021-11-23 CVE-2021-36332 Open Redirect vulnerability in Dell EMC Cloud Link
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability.
network
low complexity
dell CWE-601
5.4
2021-11-08 CVE-2021-41733 Open Redirect vulnerability in Oppia 3.1.4
Oppia 3.1.4 does not verify that certain URLs are valid before navigating to them.
network
low complexity
oppia CWE-601
6.1
2021-11-04 CVE-2021-1500 Open Redirect vulnerability in Cisco Collaboration Meeting Rooms and Webex Video Mesh
A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
network
low complexity
cisco CWE-601
6.1