Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2024-0953 | Open Redirect vulnerability in Mozilla Firefox When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. | 6.1 |
| 2024-02-02 | CVE-2024-21794 | Open Redirect vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page. | 5.4 |
| 2024-01-29 | CVE-2023-6389 | Open Redirect vulnerability in Abhinavsingh Wordpress Toolbar 2.2.6 The WordPress Toolbar WordPress plugin through 2.2.6 redirects to any URL via the "wptbto" parameter. | 6.1 |
| 2024-01-26 | CVE-2023-6291 | Open Redirect vulnerability in Redhat products A flaw was found in the redirect_uri validation logic in Keycloak. | 7.1 |
| 2024-01-24 | CVE-2024-22308 | Open Redirect vulnerability in Simple-Membership-Plugin Simple Membership URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.4.1. | 6.1 |
| 2024-01-24 | CVE-2024-0854 | Open Redirect vulnerability in Synology Diskstation Manager URL redirection to untrusted site ('Open Redirect') vulnerability in file access component in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7, 7.1.1-42962-7 and 7.2.1-69057-2 allows remote authenticated users to conduct phishing attacks via unspecified vectors. | 5.4 |
| 2024-01-22 | CVE-2024-22113 | Open Redirect vulnerability in Anglers-Net CGI An-Anlyzer 20190624/20231231 Open redirect vulnerability in Access analysis CGI An-Analyzer released in 2023 December 31 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary websites and conduct phishing attacks via a specially crafted URL. | 6.1 |
| 2024-01-16 | CVE-2023-3771 | Open Redirect vulnerability in T1 Project T1 The T1 WordPress theme through 19.0 is vulnerable to unauthenticated open redirect with which any attacker and redirect users to arbitrary websites. | 6.1 |
| 2024-01-10 | CVE-2023-49394 | Open Redirect vulnerability in Easycorp Zentao Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly. | 6.1 |
| 2024-01-08 | CVE-2023-6552 | Open Redirect vulnerability in Tasmoadmin Lack of "current" GET parameter validation during the action of changing a language leads to an open redirect vulnerability. | 6.1 |