Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendors | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2021-02-11 | CVE-2021-22881 | Open Redirect vulnerability in multiple products | The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. | network | low | rubyonrails, fedoraproject | CWE-601 | 6.1 |
| 2021-02-10 | CVE-2020-13565 | Open Redirect vulnerability in multiple products | An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). | network | low | open-emr, phpgacl-project | CWE-601 | 6.1 |
| 2021-02-09 | CVE-2021-21478 | Open Redirect vulnerability in SAP Web Dynpro ABAP | SAP Web Dynpro ABAP allows an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | network | low | sap | CWE-601 | 6.1 |
| 2021-02-09 | CVE-2021-21476 | Open Redirect vulnerability in SAP UI5 | SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | network | low | sap | CWE-601 | 6.1 |
| 2021-02-09 | CVE-2020-22840 | Open Redirect vulnerability in b2evolution | Open redirect vulnerability in b2evolution CMS versions prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker-controlled resource via the redirect_to parameter in email_passthrough.php. | network | low | b2evolution | CWE-601 | 6.1 |
| 2021-02-03 | CVE-2021-25757 | Open Redirect vulnerability in JetBrains Hub | In JetBrains Hub before 2020.1.12629, an open redirect was possible. | network | low | jetbrains | CWE-601 | 6.1 |
| 2021-01-29 | CVE-2020-29537 | Open Redirect vulnerability in RSA Archer | Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. | network | low | rsa | CWE-601 | 5.4 |
| 2021-01-28 | CVE-2020-1723 | Open Redirect vulnerability in multiple products | A flaw was found in Keycloak Gatekeeper (Louketo). | network | low | redhat, keycloak-gatekeeper-project | CWE-601 | 6.1 |
| 2021-01-26 | CVE-2021-22873 | Open Redirect vulnerability in Revive-Adserver Revive Adserver | Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. | network | low | revive-adserver | CWE-601 | 6.1 |
| 2021-01-13 | CVE-2021-1310 | Open Redirect vulnerability in Cisco Webex Meetings | A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. | network | low | cisco | CWE-601 | 4.7 |