Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-29 | CVE-2021-31879 | Open Redirect vulnerability in multiple products GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | 5.8 |
2021-04-27 | CVE-2020-21998 | Open Redirect vulnerability in Homeautomation Project Homeautomation 3.3.2 In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. | 5.8 |
2021-04-27 | CVE-2021-28125 | Open Redirect vulnerability in Apache Superset Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. | 6.1 |
2021-04-21 | CVE-2021-29456 | Open Redirect vulnerability in Authelia Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. | 4.9 |
2021-04-12 | CVE-2021-21392 | Open Redirect vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.3 |
2021-04-05 | CVE-2021-24210 | Open Redirect vulnerability in Kiboit Phastpress There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page with the plugin and then redirect the victim to a malicious page. | 5.8 |
2021-04-05 | CVE-2021-24165 | Open Redirect vulnerability in Ninjaforms Ninja Forms In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place. | 5.8 |
2021-04-02 | CVE-2021-29652 | Open Redirect vulnerability in Pomerium Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user sign-in/out process | 5.8 |
2021-04-02 | CVE-2021-29651 | Open Redirect vulnerability in Pomerium Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). | 5.8 |
2021-03-31 | CVE-2020-24550 | Open Redirect vulnerability in Episerver Find An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL. | 5.8 |