Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-25 | CVE-2019-10955 | Open Redirect vulnerability in Rockwellautomation products In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine. | 6.1 |
| 2019-04-25 | CVE-2019-4092 | Open Redirect vulnerability in IBM Content Navigator 2.0.0/3.0.0 IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2019-04-24 | CVE-2019-8995 | Open Redirect vulnerability in Tibco Activematrix BPM and Silver Fabric Enabler The workspace client, openspace client, and app development client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contain a vulnerability wherein a malicious URL could trick a user into visiting a website of the attacker's choice. | 6.1 |
| 2019-04-09 | CVE-2018-20698 | Open Redirect vulnerability in Search-Guard Search Guard The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set. | 6.1 |
| 2019-04-08 | CVE-2019-11016 | Open Redirect vulnerability in Elgg Elgg before 1.12.18 and 2.3.x before 2.3.11 has an open redirect. | 6.1 |
| 2019-04-04 | CVE-2019-10856 | Open Redirect vulnerability in Jupyter Notebook In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. | 6.1 |
| 2019-04-02 | CVE-2018-15180 | Open Redirect vulnerability in Qasymphony Qtest Manager 9.0.0 qTest Portal in QASymphony qTest Manager 9.0.0 has an Open Redirect via the /portal/loginform redirect parameter. | 6.1 |
| 2019-04-01 | CVE-2018-8913 | Open Redirect vulnerability in Synology web Station Missing custom error page vulnerability in Synology Web Station before 2.1.3-0139 allows remote attackers to conduct phishing attacks via a crafted URL. | 6.1 |
| 2019-03-29 | CVE-2017-18109 | Open Redirect vulnerability in Atlassian Crowd The login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect. | 6.1 |
| 2019-03-28 | CVE-2019-10255 | Open Redirect vulnerability in Jupyter Jupyterhub and Notebook An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. | 6.1 |