Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-21 | CVE-2022-31151 | Open Redirect vulnerability in Nodejs Undici Authorization headers are cleared on cross-origin redirect. | 6.5 |
| 2022-07-14 | CVE-2022-25803 | Open Redirect vulnerability in Bestpractical Request Tracker Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search. | 6.1 |
| 2022-07-12 | CVE-2022-33712 | Open Redirect vulnerability in Samsung Camera Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | 5.3 |
| 2022-07-08 | CVE-2022-35406 | Open Redirect vulnerability in Portswigger Burp Suite A URL disclosure issue was discovered in Burp Suite before 2022.6. | 4.3 |
| 2022-07-01 | CVE-2022-2250 | Open Redirect vulnerability in Gitlab An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary location if they trust the URL. | 6.1 |
| 2022-06-29 | CVE-2017-20119 | Open Redirect vulnerability in Trueconf Server 4.3.7.12219/4.3.7.12255 A vulnerability classified as problematic has been found in TrueConf Server 4.3.7. | 6.1 |
| 2022-06-29 | CVE-2022-2252 | Open Redirect vulnerability in Microweber Open Redirect in GitHub repository microweber/microweber prior to 1.2.19. | 6.1 |
| 2022-06-29 | CVE-2020-26877 | Open Redirect vulnerability in Apifest Oauth 2.0 Server 0.3.1 ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. | 6.1 |
| 2022-06-29 | CVE-2022-29272 | Open Redirect vulnerability in Nagios XI In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing. | 6.1 |
| 2022-06-28 | CVE-2022-30562 | Open Redirect vulnerability in Dahuasecurity products If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page. | 4.7 |