Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2024-09-07 CVE-2024-8555 Open Redirect vulnerability in Oretnom23 Clinic'S Patient Management System 2.0
A vulnerability was found in SourceCodester Clinics Patient Management System 2.0.
network
low complexity
oretnom23 CWE-601
6.1
2024-09-04 CVE-2024-8412 Open Redirect vulnerability in Linuxos Shakal-Ng
A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3.
network
low complexity
linuxos CWE-601
6.1
2024-09-03 CVE-2024-8386 Open Redirect vulnerability in Mozilla Firefox
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack.
network
low complexity
mozilla CWE-601
6.1
2024-08-29 CVE-2024-44776 Open Redirect vulnerability in Vtiger CRM 7.4.0
An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL.
network
low complexity
vtiger CWE-601
6.1
2024-08-29 CVE-2024-35133 Open Redirect vulnerability in IBM products
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
8.2
2024-08-27 CVE-2024-7941 Open Redirect vulnerability in Hitachienergy Microscada X Sys600 10.5
An HTTP parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
network
low complexity
hitachienergy CWE-601
4.3
2024-08-20 CVE-2024-6377 Open Redirect vulnerability in 3DS 3Dexperience R2022X/R2023X
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrary website via a crafted URL.
network
low complexity
3ds CWE-601
6.1
2024-08-17 CVE-2024-7902 Open Redirect vulnerability in Public Knowledge Project Open Journal Systems
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic.
network
low complexity
public-knowledge-project CWE-601
6.1
2024-08-14 CVE-2024-42353 Open Redirect vulnerability in Pylonsproject Webob
WebOb provides objects for HTTP requests and responses.
network
low complexity
pylonsproject CWE-601
6.1
2024-08-01 CVE-2024-7211 Open Redirect vulnerability in 1E Platform
The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users. Note: 1E Platform's component utilizing the third-party Duende Identity Server has been updated with the patch that includes the fix.
network
low complexity
1e CWE-601
6.1