Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-23 | CVE-2018-13402 | Open Redirect vulnerability in Atlassian Jira Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability. | 6.1 |
| 2018-10-23 | CVE-2018-13401 | Open Redirect vulnerability in Atlassian Jira The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allows remote attackers to obtain a user's Cross-site request forgery (CSRF) token through an open redirect vulnerability. | 6.1 |
| 2018-10-19 | CVE-2018-12675 | Open Redirect vulnerability in Sv3C H.264 POE IP Camera Firmware V2.3.4.2103S50Ntdb20170508B/V2.3.4.2103S50Ntdb20170823B The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin checks on URLs that the camera's web interface redirects a user to. | 6.1 |
| 2018-10-17 | CVE-2018-15493 | Open Redirect vulnerability in Vbulletin 5.4.3 vBulletin 5.4.3 has an Open Redirect. | 6.1 |
| 2018-10-05 | CVE-2018-15403 | Open Redirect vulnerability in Cisco products A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web page. | 5.4 |
| 2018-10-04 | CVE-2018-11784 | Open Redirect vulnerability in multiple products When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. | 4.3 |
| 2018-10-01 | CVE-2018-17870 | Open Redirect vulnerability in Btiteam Xbtit 2.54 An issue was discovered in BTITeam XBTIT 2.5.4. | 6.1 |
| 2018-09-28 | CVE-2018-1251 | Open Redirect vulnerability in Dell EMC Unity Firmware and EMC Unityvsa Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. | 8.1 |
| 2018-09-28 | CVE-2018-1704 | Open Redirect vulnerability in IBM Platform Symphony and Spectrum Symphony IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2018-09-27 | CVE-2018-1736 | Open Redirect vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |