Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-08 | CVE-2021-21354 | Open Redirect vulnerability in Mozilla Pollbot Pollbot is open source software which "frees its human masters from the toilsome task of polling for the state of things during the Firefox release process." In Pollbot before version 1.4.4 there is an open redirection vulnerability in the path of "https://pollbot.services.mozilla.com/". | 5.8 |
2021-02-26 | CVE-2021-21273 | Open Redirect vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.1 |
2021-02-26 | CVE-2021-21330 | Open Redirect vulnerability in multiple products aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 6.1 |
2021-02-19 | CVE-2021-3189 | Open Redirect vulnerability in Google Slashify 1.0.0 The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring. | 5.8 |
2021-02-19 | CVE-2021-27404 | Open Redirect vulnerability in Asus Askey Rtf8115Vw Firmware Brsvg11.11Rtftef001V6.54V014 Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header. | 5.8 |
2021-02-16 | CVE-2020-35560 | Open Redirect vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. | 5.8 |
2021-02-12 | CVE-2021-22984 | Open Redirect vulnerability in F5 products On BIG-IP Advanced WAF and ASM version 15.1.x before 15.1.0.2, 15.0.x before 15.0.1.4, 14.1.x before 14.1.2.5, 13.1.x before 13.1.3.4, 12.1.x before 12.1.5.2, and 11.6.x before 11.6.5.2, when receiving a unauthenticated client request with a maliciously crafted URI, a BIG-IP Advanced WAF or ASM virtual server configured with a DoS profile with Proactive Bot Defense (versions prior to 14.1.0), or a Bot Defense profile (versions 14.1.0 and later), may subject clients and web servers to Open Redirection attacks. | 5.8 |
2021-02-11 | CVE-2021-22881 | Open Redirect vulnerability in multiple products The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. | 6.1 |
2021-02-10 | CVE-2020-13565 | Open Redirect vulnerability in multiple products An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). | 6.1 |
2021-02-09 | CVE-2021-21478 | Open Redirect vulnerability in SAP web Dynpro Abap SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | 5.8 |