Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-27 | CVE-2019-3877 | Open Redirect vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. | 6.1 |
| 2019-03-26 | CVE-2019-3850 | Open Redirect vulnerability in Moodle A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. | 6.1 |
| 2019-03-22 | CVE-2019-4035 | Open Redirect vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. | 5.4 |
| 2019-03-22 | CVE-2019-9915 | Open Redirect vulnerability in Get-Simple. Getsimplecms 3.3.13 GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter. | 6.1 |
| 2019-03-21 | CVE-2019-9837 | Open Redirect vulnerability in Openid Connect Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that results in an error response) with the 'openid' scope and a prompt=none value. | 6.1 |
| 2019-03-21 | CVE-2019-7416 | Open Redirect vulnerability in Opentext Documentum Webtop 5.3 XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. | 6.1 |
| 2019-03-07 | CVE-2018-17422 | Open Redirect vulnerability in Dotcms dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. | 6.1 |
| 2019-03-07 | CVE-2019-3778 | Open Redirect vulnerability in multiple products Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. | 6.5 |
| 2019-03-05 | CVE-2019-0540 | Open Redirect vulnerability in Microsoft products A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'. | 5.5 |
| 2019-03-05 | CVE-2018-1939 | Open Redirect vulnerability in IBM Cloud Private 3.1.1 IBM Cloud Private 3.1.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |