Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-19 | CVE-2021-3189 | Open Redirect vulnerability in Google Slashify 1.0.0 The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring. | 6.1 |
| 2021-02-19 | CVE-2021-27404 | Open Redirect vulnerability in Asus Askey Rtf8115Vw Firmware Brsvg11.11Rtftef001V6.54V014 Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header. | 6.1 |
| 2021-02-16 | CVE-2020-35560 | Open Redirect vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. | 6.1 |
| 2021-02-12 | CVE-2021-22984 | Open Redirect vulnerability in F5 products On BIG-IP Advanced WAF and ASM version 15.1.x before 15.1.0.2, 15.0.x before 15.0.1.4, 14.1.x before 14.1.2.5, 13.1.x before 13.1.3.4, 12.1.x before 12.1.5.2, and 11.6.x before 11.6.5.2, when receiving a unauthenticated client request with a maliciously crafted URI, a BIG-IP Advanced WAF or ASM virtual server configured with a DoS profile with Proactive Bot Defense (versions prior to 14.1.0), or a Bot Defense profile (versions 14.1.0 and later), may subject clients and web servers to Open Redirection attacks. | 6.1 |
| 2021-02-11 | CVE-2021-22881 | Open Redirect vulnerability in multiple products The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. | 6.1 |
| 2021-02-10 | CVE-2020-13565 | Open Redirect vulnerability in multiple products An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). | 6.1 |
| 2021-02-09 | CVE-2021-21478 | Open Redirect vulnerability in SAP web Dynpro Abap SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | 6.1 |
| 2021-02-09 | CVE-2021-21476 | Open Redirect vulnerability in SAP UI5 SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allows an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | 6.1 |
| 2021-02-09 | CVE-2020-22840 | Open Redirect vulnerability in B2Evolution Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php. | 6.1 |
| 2021-02-03 | CVE-2021-25757 | Open Redirect vulnerability in Jetbrains HUB In JetBrains Hub before 2020.1.12629, an open redirect was possible. | 6.1 |