Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-09 | CVE-2021-21476 | Open Redirect vulnerability in SAP UI5 SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | 5.8 |
2021-02-09 | CVE-2020-22840 | Open Redirect vulnerability in B2Evolution Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php. | 5.8 |
2021-02-03 | CVE-2021-25757 | Open Redirect vulnerability in Jetbrains HUB In JetBrains Hub before 2020.1.12629, an open redirect was possible. | 5.8 |
2021-02-02 | CVE-2021-21291 | Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. | 5.8 |
2021-01-29 | CVE-2020-29537 | Open Redirect vulnerability in RSA Archer Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. | 4.9 |
2021-01-28 | CVE-2020-1723 | Open Redirect vulnerability in multiple products A flaw was found in Keycloak Gatekeeper (Louketo). | 6.1 |
2021-01-26 | CVE-2021-22873 | Open Redirect vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. | 5.8 |
2021-01-20 | CVE-2021-1218 | Open Redirect vulnerability in Cisco Smart Software Manager On-Prem 5.0 A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. | 4.9 |
2021-01-13 | CVE-2021-1310 | Open Redirect vulnerability in Cisco Webex Meetings A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. | 4.7 |
2021-01-07 | CVE-2020-26979 | Open Redirect vulnerability in Mozilla Firefox When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. | 5.8 |