Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-28 | CVE-2022-23599 | Open Redirect vulnerability in Plone Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. | 6.1 |
| 2022-01-14 | CVE-2021-38678 | Open Redirect vulnerability in Qnap Qcalagent An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. | 6.1 |
| 2022-01-10 | CVE-2021-44528 | Open Redirect vulnerability in Rubyonrails Rails 6.0.4.2/6.1.4.2/7.0.0 A open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. | 6.1 |
| 2022-01-05 | CVE-2022-21651 | Open Redirect vulnerability in Shopware Shopware is an open source e-commerce software platform. | 6.1 |
| 2021-12-24 | CVE-2021-20875 | Open Redirect vulnerability in Groupsession Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks by having a user to access a specially crafted URL. | 6.1 |
| 2021-12-17 | CVE-2021-40852 | Open Redirect vulnerability in Tcman GIM 11.0/8.0 TCMAN GIM is affected by an open redirect vulnerability. | 6.1 |
| 2021-12-15 | CVE-2020-18985 | Open Redirect vulnerability in Synacor Zimbra Collaboration Suite 8.8.12 An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to redirect users to any arbitrary website of their choosing. | 6.1 |
| 2021-12-08 | CVE-2021-43532 | Open Redirect vulnerability in Mozilla Firefox The 'Copy Image Link' context menu action would copy the final image URL after redirects. | 6.1 |
| 2021-12-08 | CVE-2021-36191 | Open Redirect vulnerability in Fortinet Fortiweb A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to use the device as proxy via crafted GET parameters in requests to error handlers | 5.4 |
| 2021-12-08 | CVE-2021-43064 | Open Redirect vulnerability in Fortinet Fortiweb A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers. | 6.1 |