Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-26 | CVE-2019-6035 | Open Redirect vulnerability in Yahoo Athenz Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. | 6.1 |
| 2019-12-26 | CVE-2019-6025 | Open Redirect vulnerability in Sixapart Movable Type Open redirect vulnerability in Movable Type series Movable Type 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Advanced 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type Advanced 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type Advanced 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Premium 1.24 and earlier (Movable Type Premium), and Movable Type Premium (Advanced Edition) 1.24 and earlier (Movable Type Premium) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 6.1 |
| 2019-12-26 | CVE-2019-6021 | Open Redirect vulnerability in Ricoh Limedio Open redirect vulnerability in Library Information Management System LIMEDIO all versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 6.1 |
| 2019-12-26 | CVE-2019-6020 | Open Redirect vulnerability in Alfasado Powercms Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x), 4.42 and earlier (PowerCMS 4.x), and 3.293 and earlier (PowerCMS 3.x) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. | 6.1 |
| 2019-12-26 | CVE-2018-18288 | Open Redirect vulnerability in Crushftp CrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection. | 6.1 |
| 2019-12-18 | CVE-2019-18781 | Open Redirect vulnerability in Zohocorp Manageengine Adselfservice Plus An open redirect vulnerability was discovered in Zoho ManageEngine ADSelfService Plus 5.x before 5809 that allows attackers to force users who click on a crafted link to be sent to a specified external site. | 6.1 |
| 2019-12-18 | CVE-2019-8791 | Open Redirect vulnerability in Apple Shazam An issue existed in the parsing of URL schemes. | 6.1 |
| 2019-12-18 | CVE-2019-19775 | Open Redirect vulnerability in Zulip Server The image thumbnailing handler in Zulip Server versions 1.9.0 to before 2.0.8 allowed an open redirect that was visible to logged-in users. | 6.1 |
| 2019-12-15 | CVE-2014-3652 | Open Redirect vulnerability in Redhat Keycloak 1.0.1 JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL. | 6.1 |
| 2019-12-11 | CVE-2019-19709 | Open Redirect vulnerability in multiple products MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page. | 6.1 |