Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2022-08-22 CVE-2021-3639 Open Redirect vulnerability in Uninett MOD Auth Mellon
A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly.
network | low complexity | uninett | CWE-601 | Risk: 6.1
2022-08-16 CVE-2022-25799 Open Redirect vulnerability in Cert Vince 1.48.0/1.49.0
An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0.
network | low complexity | cert | CWE-601 | Risk: 6.1
2022-08-12 CVE-2022-35953 Open Redirect vulnerability in Joinbookwyrm Bookwyrm
BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next.
network | low complexity | joinbookwyrm | CWE-601 | Risk: 6.1
2022-08-11 CVE-2022-28755 Open Redirect vulnerability in Zoom
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 is susceptible to a URL parsing vulnerability.
network | low complexity | zoom | CWE-601 | Risk: 6.1
2022-08-05 CVE-2022-31657 Open Redirect vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability.
network | low complexity | vmware | CWE-601 | Risk: critical 9.8
2022-08-02 CVE-2021-23385 Open Redirect vulnerability in Flask-Security Project Flask-Security
This affects all versions of package Flask-Security.
network | low complexity | flask-security-project | CWE-601 | Risk: 6.1
2022-08-01 CVE-2022-31193 Open Redirect vulnerability in Duraspace Dspace
DSpace open source software is a repository application which provides durable access to digital resources.
network | low complexity | duraspace | CWE-601 | Risk: 6.1
2022-07-28 CVE-2022-27509 Open Redirect vulnerability in Citrix Application Delivery Controller Firmware and Gateway
Unauthenticated redirection to a malicious website
network | low complexity | citrix | CWE-601 | Risk: 6.1
2022-07-26 CVE-2022-30706 Open Redirect vulnerability in Twinkletoessoftware Booked
Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL.
network | low complexity | twinkletoessoftware | CWE-601 | Risk: 6.1
2022-07-25 CVE-2022-35652 Open Redirect vulnerability in multiple products
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature.
network | low complexity | moodle, fedoraproject | CWE-601 | Risk: 6.1