Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-15 | CVE-2020-4849 | Open Redirect vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 5.8 |
2020-12-09 | CVE-2020-26836 | Open Redirect vulnerability in SAP Solution Manager 7.20 SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the application URL and share it with the end user who could potentially become a victim of the attack. | 5.8 |
2020-12-04 | CVE-2020-29565 | Open Redirect vulnerability in multiple products An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. | 5.8 |
2020-12-02 | CVE-2020-27816 | Open Redirect vulnerability in multiple products The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. | 5.8 |
2020-11-24 | CVE-2020-26232 | Open Redirect vulnerability in Jupyter Server Jupyter Server before version 1.0.6 has an Open redirect vulnerability. | 5.5 |
2020-11-24 | CVE-2020-28726 | Open Redirect vulnerability in Seeddms 6.0.13 Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter to out/out.AddDocument.php. | 5.8 |
2020-11-18 | CVE-2020-26215 | Open Redirect vulnerability in multiple products Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. | 5.8 |
2020-11-18 | CVE-2020-15300 | Open Redirect vulnerability in Salesagility Suitecrm SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document. | 5.8 |
2020-11-18 | CVE-2020-28724 | Open Redirect vulnerability in Palletsprojects Werkzeug Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. | 5.8 |
2020-11-11 | CVE-2020-26219 | Open Redirect vulnerability in Touchbase.Ai Project Touchbase.Ai touchbase.ai before version 2.0 is vulnerable to Open Redirect. | 5.8 |