Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-19 | CVE-2021-35966 | Open Redirect vulnerability in Learningdigital Orca HCM The specific function of the Orca HCM digital learning platform does not filter input parameters properly, which causing the URL can be redirected to any website. | 6.1 |
| 2021-07-16 | CVE-2021-3647 | Open Redirect vulnerability in Uri.Js Project Uri.Js URI.js is vulnerable to URL Redirection to Untrusted Site | 6.1 |
| 2021-07-15 | CVE-2021-20534 | Open Redirect vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 3.5 |
| 2021-07-12 | CVE-2021-35037 | Open Redirect vulnerability in Jamf Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. | 6.1 |
| 2021-07-06 | CVE-2021-24406 | Open Redirect vulnerability in Gvectors Wpforo Forum The wpForo Forum WordPress plugin before 1.9.7 did not validate the redirect_to parameter in the login form of the forum, leading to an open redirect issue after a successful login. | 6.1 |
| 2021-07-05 | CVE-2021-23401 | Open Redirect vulnerability in Flask-User Project Flask-User This affects all versions of package Flask-User. | 6.1 |
| 2021-07-02 | CVE-2021-34807 | Open Redirect vulnerability in Zimbra Collaboration An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. | 6.1 |
| 2021-07-02 | CVE-2020-23182 | Open Redirect vulnerability in PHP-Fusion 9.03.60 The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows attackers to redirect victim users to malicious websites via a crafted payload entered into the Shoutbox message panel. | 5.4 |
| 2021-06-29 | CVE-2021-32721 | Open Redirect vulnerability in Powermux Project Powermux 1.0.0/1.1.0 PowerMux is a drop-in replacement for Go's http.ServeMux. | 6.1 |
| 2021-06-29 | CVE-2021-20105 | Open Redirect vulnerability in Machform Machform prior to version 16 is vulnerable to an open redirect in Safari_init.php due to an improperly sanitized 'ref' parameter. | 6.1 |