Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-05 | CVE-2021-24210 | Open Redirect vulnerability in Kiboit Phastpress There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page with the plugin and then redirect the victim to a malicious page. | 6.1 |
| 2021-04-05 | CVE-2021-24165 | Open Redirect vulnerability in Ninjaforms Ninja Forms In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place. | 6.1 |
| 2021-04-02 | CVE-2020-9995 | Open Redirect vulnerability in Apple Macos Server An issue existed in the parsing of URLs. | 6.1 |
| 2021-04-02 | CVE-2021-29652 | Open Redirect vulnerability in Pomerium Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user sign-in/out process | 6.1 |
| 2021-04-02 | CVE-2021-29651 | Open Redirect vulnerability in Pomerium Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). | 6.1 |
| 2021-03-31 | CVE-2020-24550 | Open Redirect vulnerability in Episerver Find 13.2.6 An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL. | 6.1 |
| 2021-03-29 | CVE-2021-27352 | Open Redirect vulnerability in Ilch CMS 2.1.42 An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login. | 5.4 |
| 2021-03-26 | CVE-2021-1629 | Open Redirect vulnerability in Tableau Server Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users. | 6.1 |
| 2021-03-26 | CVE-2021-23888 | Open Redirect vulnerability in Mcafee Epolicy Orchestrator Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user. | 6.3 |
| 2021-03-23 | CVE-2020-12483 | Open Redirect vulnerability in Vivo Appstore The appstore before 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters. | 6.1 |