Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-15775 | Open Redirect vulnerability in Learning Courses Project Learning Courses The nd-learning plugin before 4.8 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 5.8 |
| 2019-08-29 | CVE-2019-15774 | Open Redirect vulnerability in Booking Project Booking The nd-booking plugin before 2.5 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 5.8 |
| 2019-08-29 | CVE-2019-15773 | Open Redirect vulnerability in Travel Management Project Travel Management The nd-travel plugin before 1.7 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 5.8 |
| 2019-08-29 | CVE-2019-15772 | Open Redirect vulnerability in Donations Project Donations The nd-donations plugin before 1.4 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 5.8 |
| 2019-08-23 | CVE-2019-10751 | Open Redirect vulnerability in Httpie All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control. | 5.8 |
| 2019-08-23 | CVE-2019-13422 | Open Redirect vulnerability in Search-Guard Search Guard Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login. | 5.8 |
| 2019-08-23 | CVE-2019-11589 | Open Redirect vulnerability in Atlassian Jira Server The ChangeSharedFilterOwner resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability. | 5.8 |
| 2019-08-23 | CVE-2019-11585 | Open Redirect vulnerability in Atlassian Jira The startup.jsp resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect. | 5.8 |
| 2019-08-07 | CVE-2019-10372 | Open Redirect vulnerability in Jenkins Gitlab Oauth An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login. | 6.1 |
| 2019-08-05 | CVE-2016-10769 | Open Redirect vulnerability in Cpanel cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162). | 5.8 |