Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-07 | CVE-2019-18815 | Open Redirect vulnerability in Popojicms 2.0.1 PopojiCMS 2.0.1 allows refer= Open Redirection. | 6.1 |
| 2019-11-06 | CVE-2010-2471 | Open Redirect vulnerability in multiple products Drupal versions 5.x and 6.x has open redirection | 6.1 |
| 2019-11-04 | CVE-2010-3669 | Open Redirect vulnerability in Typo3 TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box. | 5.4 |
| 2019-11-01 | CVE-2010-3661 | Open Redirect vulnerability in Typo3 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend. | 6.1 |
| 2019-10-02 | CVE-2019-4538 | Open Redirect vulnerability in IBM Security Directory Server 6.4.0 IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 8.2 |
| 2019-10-01 | CVE-2019-15041 | Open Redirect vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere. | 6.1 |
| 2019-09-25 | CVE-2019-10098 | Open Redirect vulnerability in Apache Http Server In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL. | 6.1 |
| 2019-09-20 | CVE-2019-14912 | Open Redirect vulnerability in Prise Adas 1.7.0 An issue was discovered in PRiSE adAS 1.7.0. | 6.1 |
| 2019-09-17 | CVE-2019-16393 | Open Redirect vulnerability in multiple products SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. | 6.1 |
| 2019-09-12 | CVE-2019-6009 | Open Redirect vulnerability in Ss-Proj Shirasagi Open redirect vulnerability in SHIRASAGI v1.7.0 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.1 |