Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2021-31252 | Open Redirect vulnerability in Chiyu-Tech products An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it. | 6.1 |
| 2021-05-24 | CVE-2021-23387 | Open Redirect vulnerability in Trailing-Slash Project Trailing-Slash 1.0.0/2.0.0 The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). | 6.1 |
| 2021-05-19 | CVE-2020-36365 | Open Redirect vulnerability in Smartstore Smartstorenet Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit open redirect. | 6.1 |
| 2021-05-17 | CVE-2021-23384 | Open Redirect vulnerability in Koa-Remove-Trailing-Slashes Project Koa-Remove-Trailing-Slashes 1.0.0/2.0.0/2.0.1 The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). | 5.4 |
| 2021-05-11 | CVE-2021-27612 | Open Redirect vulnerability in SAP GUI for Windows 7.60/7.70 In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal credentials of the victim. | 6.1 |
| 2021-05-05 | CVE-2020-13662 | Open Redirect vulnerability in Drupal Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. | 6.1 |
| 2021-05-03 | CVE-2020-23015 | Open Redirect vulnerability in Opnsense An open redirect issue was discovered in OPNsense through 20.1.5. | 6.1 |
| 2021-04-29 | CVE-2021-29137 | Open Redirect vulnerability in Arubanetworks Airwave A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 6.1 |
| 2021-04-29 | CVE-2021-31879 | Open Redirect vulnerability in multiple products GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | 6.1 |
| 2021-04-27 | CVE-2020-21998 | Open Redirect vulnerability in Homeautomation Project Homeautomation 3.3.2 In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. | 6.1 |