Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2022-11-01 | CVE-2022-3797 | Open Redirect vulnerability in Eolink Apinto-Dashboard | A vulnerability was found in eolinker apinto-dashboard. | network | low complexity | eolink | CWE-601 | 6.1 |
| 2022-10-31 | CVE-2022-28763 | Open Redirect vulnerability in Zoom Meetings and Virtual Desktop Infrastructure | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. | network | low complexity | zoom | CWE-601 | 9.6 (critical) |
| 2022-10-31 | CVE-2022-39021 | Open Redirect vulnerability in Edetw U-Office Force 20.0.7668D/20.50.7821D | U-Office Force login function has an Open Redirect vulnerability. | network | low complexity | edetw | CWE-601 | 6.1 |
| 2022-10-26 | CVE-2022-39359 | Open Redirect vulnerability in Metabase | Metabase is data visualization software. | network | low complexity | metabase | CWE-601 | 6.5 |
| 2022-10-25 | CVE-2022-38197 | Open Redirect vulnerability in Esri Arcgis Server | Esri ArcGIS Server versions 10.9.1 and below have an unvalidated redirect issue that may allow a remote, unauthenticated attacker to phish a user into accessing an attacker controlled website via a crafted query parameter. | network | low complexity | esri | CWE-601 | 6.1 |
| 2022-10-20 | CVE-2022-26954 | Open Redirect vulnerability in Nopcommerce | Multiple open redirect vulnerabilities in NopCommerce 4.10 through 4.50.1 allow remote attackers to conduct phishing attacks by redirecting users to attacker-controlled web sites via the returnUrl parameter, processed by the (1) ChangePassword function, (2) SignInCustomerAsync function, (3) SuccessfulAuthentication method, or (4) NopRedirectResultExecutor class. | network | low complexity | nopcommerce | CWE-601 | 6.1 |
| 2022-10-11 | CVE-2022-41204 | Open Redirect vulnerability in SAP Commerce | An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. | network | low complexity | sap | CWE-601 | 8.8 |
| 2022-10-10 | CVE-2022-3438 | Open Redirect vulnerability in Ikus-Soft Rdiffweb | Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | network | low complexity | ikus-soft | CWE-601 | 6.1 |
| 2022-09-28 | CVE-2022-40083 | Open Redirect vulnerability in Labstack Echo 4.8.0 | Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. | network | low complexity | labstack | CWE-601 | 9.6 (critical) |
| 2022-09-27 | CVE-2022-39258 | Open Redirect vulnerability in Mailcow Mailcow: Dockerized | mailcow is a mailserver suite. | network | low complexity | mailcow | CWE-601 | 8.2 |