Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2019-15688 Open Redirect vulnerability in Kaspersky products
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site.
network
low complexity
kaspersky CWE-601
6.1
2019-11-26 CVE-2019-14857 Open Redirect vulnerability in Openidc MOD Auth Openidc
A flaw was found in mod_auth_openidc before version 2.4.0.1.
network
low complexity
openidc CWE-601
6.1
2019-11-22 CVE-2014-2213 Open Redirect vulnerability in Posh Project Posh
Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php.
network
low complexity
posh-project CWE-601
6.1
2019-11-20 CVE-2019-15073 Open Redirect vulnerability in Openfind Mail2000 6.0/7.0
An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication.
network
low complexity
openfind CWE-601
6.1
2019-11-18 CVE-2018-13257 Open Redirect vulnerability in Blackboard Learn 20180702
The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page.
network
low complexity
blackboard CWE-601
6.1
2019-11-07 CVE-2019-18815 Open Redirect vulnerability in Popojicms 2.0.1
PopojiCMS 2.0.1 allows refer= Open Redirection.
network
low complexity
popojicms CWE-601
6.1
2019-11-06 CVE-2010-2471 Open Redirect vulnerability in multiple products
Drupal versions 5.x and 6.x has open redirection
network
low complexity
drupal debian CWE-601
6.1
2019-11-04 CVE-2010-3669 Open Redirect vulnerability in Typo3
TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box.
network
low complexity
typo3 CWE-601
5.4
2019-11-01 CVE-2010-3661 Open Redirect vulnerability in Typo3
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend.
network
low complexity
typo3 CWE-601
6.1
2019-10-02 CVE-2019-4538 Open Redirect vulnerability in IBM Security Directory Server 6.4.0
IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
8.2