Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2018-11-13 CVE-2018-14658 Open Redirect vulnerability in Redhat Keycloak 3.2.1
A flaw was found in JBOSS Keycloak 3.2.1.Final.
network
low complexity
redhat CWE-601
6.1
6.1
2018-10-23 CVE-2018-13402 Open Redirect vulnerability in Atlassian Jira
Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability.
network
low complexity
atlassian CWE-601
6.1
6.1
2018-10-23 CVE-2018-13401 Open Redirect vulnerability in Atlassian Jira
The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allows remote attackers to obtain a user's Cross-site request forgery (CSRF) token through an open redirect vulnerability.
network
low complexity
atlassian CWE-601
6.1
6.1
2018-10-19 CVE-2018-12675 Open Redirect vulnerability in Sv3C H.264 POE IP Camera Firmware V2.3.4.2103S50Ntdb20170508B/V2.3.4.2103S50Ntdb20170823B
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin checks on URLs that the camera's web interface redirects a user to.
network
low complexity
sv3c CWE-601
6.1
6.1
2018-10-17 CVE-2018-15493 Open Redirect vulnerability in Vbulletin 5.4.3
vBulletin 5.4.3 has an Open Redirect.
network
low complexity
vbulletin CWE-601
6.1
6.1
2018-10-05 CVE-2018-15403 Open Redirect vulnerability in Cisco products
A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web page.
network
low complexity
cisco CWE-601
5.4
5.4
2018-10-04 CVE-2018-11784 Open Redirect vulnerability in multiple products
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g.
network
low complexity
apache debian canonical netapp redhat oracle CWE-601
4.3
4.3
2018-10-01 CVE-2018-17870 Open Redirect vulnerability in Btiteam Xbtit 2.54
An issue was discovered in BTITeam XBTIT 2.5.4.
network
low complexity
btiteam CWE-601
6.1
6.1
2018-09-28 CVE-2018-1251 Open Redirect vulnerability in Dell EMC Unity Firmware and EMC Unityvsa
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability.
network
low complexity
dell CWE-601
8.1
8.1
2018-09-28 CVE-2018-1704 Open Redirect vulnerability in IBM Platform Symphony and Spectrum Symphony
IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
5.4