Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-03-28 | CVE-2024-31135 | Open Redirect vulnerability in Jetbrains Teamcity | In JetBrains TeamCity before 2024.03 open redirect was possible on the login page | 6.1 |
2024-02-21 | CVE-2022-45169 | Open Redirect vulnerability in Liveboxcloud Vdesk 018/031 | An issue was discovered in LIVEBOX Collaboration vDesk through v031. | 5.4 |
2024-02-20 | CVE-2024-24763 | Open Redirect vulnerability in Fit2Cloud Jumpserver | JumpServer is an open source bastion host and an operation and maintenance security audit system. | 6.1 |
2024-02-20 | CVE-2024-25608 | Open Redirect vulnerability in Liferay Digital Experience Platform | HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' (U+FFFD), which allows remote attackers to redirect users to arbitrary external URLs via the (1) `redirect` parameter, (2) `FORWARD_URL` parameter, (3) `noSuchEntryRedirect` parameter, and (4) other parameters that rely on HtmlUtil.escapeRedirect. | 6.1 |
2024-02-20 | CVE-2024-25609 | Open Redirect vulnerability in Liferay Digital Experience Platform | HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 service pack 3, 7.2 fix pack 15 through 18, and older unsupported versions can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) `redirect` parameter, (2) `FORWARD_URL` parameter, and (3) other parameters that rely on HtmlUtil.escapeRedirect. | 6.1 |
2024-02-12 | CVE-2024-0250 | Open Redirect vulnerability in Deconf Analytics Insights | The Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin before 6.3 is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. | 6.1 |
2024-02-11 | CVE-2024-25715 | Open Redirect vulnerability in Glewlwyd SSO Server Project Glewlwyd SSO Server | Glewlwyd SSO server 2.x through 2.7.6 allows open redirection via redirect_uri. | 6.1 |
2024-02-08 | CVE-2024-24034 | Open Redirect vulnerability in Setorinformatica S.I.L 3.0 | Setor Informatica S.I.L version 3.0 is vulnerable to Open Redirect via the hprinter parameter, which allows remote attackers to execute arbitrary code. | 6.1 |
2024-02-06 | CVE-2024-24291 | Open Redirect vulnerability in Yzmcms 7.0 | An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL. | 6.1 |
2024-02-05 | CVE-2024-0953 | Open Redirect vulnerability in Mozilla Firefox | When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. | 6.1 |