Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-07 | CVE-2020-26979 | Open Redirect vulnerability in Mozilla Firefox When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. | 6.1 |
2021-01-04 | CVE-2020-29498 | Open Redirect vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions prior to 3.1 contain an open redirect vulnerability. | 6.1 |
2020-12-31 | CVE-2020-25846 | Open Redirect vulnerability in Panorama Project Nhiservisignadapter 1.0.20.0218 The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential. | 7.4 |
2020-12-31 | CVE-2020-25845 | Open Redirect vulnerability in Panorama Project Nhiservisignadapter 1.0.20.0218 Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential. | 7.4 |
2020-12-27 | CVE-2020-35678 | Open Redirect vulnerability in Crossbar Autobahn Autobahn|Python before 20.12.3 allows redirect header injection. | 6.1 |
2020-12-24 | CVE-2020-27729 | Open Redirect vulnerability in F5 Big-Ip Access Policy Manager In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI. | 6.1 |
2020-12-21 | CVE-2020-4840 | Open Redirect vulnerability in IBM Security Secret Server 10.6 IBM Security Secret Server 10.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
2020-12-18 | CVE-2020-25901 | Open Redirect vulnerability in Spiceworks 7.5.7.0 Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages. | 6.1 |
2020-12-15 | CVE-2020-4849 | Open Redirect vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 6.1 |
2020-12-09 | CVE-2020-26836 | Open Redirect vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the application URL and share it with the end user who could potentially become a victim of the attack. | 6.1 |