Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-29 | CVE-2021-20105 | Open Redirect vulnerability in Machform Machform prior to version 16 is vulnerable to an open redirect in Safari_init.php due to an improperly sanitized 'ref' parameter. | 6.1 |
| 2021-06-28 | CVE-2021-34254 | Open Redirect vulnerability in Umbraco CMS Umbraco CMS before 7.15.7 is vulnerable to Open Redirection due to insufficient url sanitization on booting.aspx. | 6.1 |
| 2021-06-24 | CVE-2021-25655 | Open Redirect vulnerability in Avaya Aura Experience Portal 7.1/8.0.0 A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. | 6.1 |
| 2021-06-23 | CVE-2020-18660 | Open Redirect vulnerability in Get-Simple Getsimplecms GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter. | 6.1 |
| 2021-06-22 | CVE-2021-35206 | Open Redirect vulnerability in Gitpod Gitpod before 0.6.0 allows unvalidated redirects. | 6.1 |
| 2021-06-11 | CVE-2021-22903 | Open Redirect vulnerability in Rubyonrails Rails The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. | 6.1 |
| 2021-06-11 | CVE-2021-23393 | Open Redirect vulnerability in Flask Unchained Project Flask Unchained This affects the package Flask-Unchained before 0.9.0. | 5.4 |
| 2021-06-07 | CVE-2020-18268 | Open Redirect vulnerability in Zblogcn Z-Blogphp Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zb_system/cmd.php." | 6.1 |
| 2021-06-04 | CVE-2021-31252 | Open Redirect vulnerability in Chiyu-Tech products An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it. | 6.1 |
| 2021-05-24 | CVE-2021-23387 | Open Redirect vulnerability in Trailing-Slash Project Trailing-Slash 1.0.0/2.0.0 The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). | 6.1 |