Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-02 | CVE-2021-29651 | Open Redirect vulnerability in Pomerium Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). | 6.1 |
| 2021-03-31 | CVE-2020-24550 | Open Redirect vulnerability in Episerver Find 13.2.6 An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL. | 6.1 |
| 2021-03-29 | CVE-2021-27352 | Open Redirect vulnerability in Ilch CMS 2.1.42 An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login. | 5.4 |
| 2021-03-26 | CVE-2021-1629 | Open Redirect vulnerability in Tableau Server Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users. | 6.1 |
| 2021-03-26 | CVE-2021-23888 | Open Redirect vulnerability in Mcafee Epolicy Orchestrator Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user. | 6.3 |
| 2021-03-23 | CVE-2020-12483 | Open Redirect vulnerability in Vivo Appstore The appstore before 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters. | 6.1 |
| 2021-03-10 | CVE-2021-21491 | Open Redirect vulnerability in SAP Netweaver Application Server Java SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | 6.1 |
| 2021-03-09 | CVE-2020-28150 | Open Redirect vulnerability in Inetsoftware I-Net Clear Reports 20.10.136 I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect. | 6.1 |
| 2021-02-26 | CVE-2021-21273 | Open Redirect vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.1 |
| 2021-02-19 | CVE-2021-3189 | Open Redirect vulnerability in Google Slashify 1.0.0 The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring. | 6.1 |