Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-09-04 | CVE-2024-8412 | Open Redirect vulnerability in Linuxos Shakal-Ng | A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. | 6.1 |
2024-09-03 | CVE-2024-8386 | Open Redirect vulnerability in Mozilla Firefox | If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. | 6.1 |
2024-08-29 | CVE-2024-44776 | Open Redirect vulnerability in Vtiger CRM 7.4.0 | An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. | 6.1 |
2024-08-29 | CVE-2024-35133 | Open Redirect vulnerability in IBM products | IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. | 8.2 |
2024-08-27 | CVE-2024-7941 | Open Redirect vulnerability in Hitachienergy Microscada X Sys600 10.5 | An HTTP parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. | 4.3 |
2024-08-20 | CVE-2024-6377 | Open Redirect vulnerability in 3DS 3Dexperience R2022X/R2023X | A URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrary website via a crafted URL. | 6.1 |
2024-08-17 | CVE-2024-7902 | Open Redirect vulnerability in Public Knowledge Project Open Journal Systems | A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. | 6.1 |
2024-08-14 | CVE-2024-42353 | Open Redirect vulnerability in Pylonsproject Webob | WebOb provides objects for HTTP requests and responses. | 6.1 |
2024-08-01 | CVE-2024-7211 | Open Redirect vulnerability in 1E Platform | The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users. Note: 1E Platform's component utilizing the third-party Duende Identity Server has been updated with the patch that includes the fix. | 6.1 |
2024-07-31 | CVE-2024-41955 | Open Redirect vulnerability in Opensecurity Mobile Security Framework | Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. | 5.4 |