Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2018-08-08 CVE-2018-15178 Open Redirect vulnerability in Gogs
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.
network
low complexity
gogs CWE-601
6.1
2018-08-06 CVE-2018-7091 Open Redirect vulnerability in HP XP 9000 Command View
HPE XP P9000 Command View Advanced Edition Software (CVAE) has an open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.
network
low complexity
hp CWE-601
6.1
2018-08-06 CVE-2017-8989 Open Redirect vulnerability in HP Icewall SSO 10.0/11.0
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.
network
low complexity
hp CWE-601
critical
9.1
2018-08-03 CVE-2018-14574 Open Redirect vulnerability in multiple products
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
network
low complexity
djangoproject debian canonical CWE-601
6.1
2018-07-20 CVE-2018-14474 Open Redirect vulnerability in Goodoldweb Orange Forum 1.4.0
views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup.
network
low complexity
goodoldweb CWE-601
6.1
2018-07-18 CVE-2018-14381 Open Redirect vulnerability in Pagekit
Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability.
network
low complexity
pagekit CWE-601
6.1
2018-07-11 CVE-2013-0594 Open Redirect vulnerability in IBM Inotes
Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
low complexity
ibm CWE-601
6.1
2018-06-27 CVE-2018-1355 Open Redirect vulnerability in Fortinet Fortianalyzer and Fortimanager
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, and FortiAnalyzer 6.0.0, 5.6.5 and below versions, allows an attacker to inject script code while an HTML table is converted to a PDF document under the FortiView feature.
network
low complexity
fortinet CWE-601
6.1
2018-06-26 CVE-2018-1000504 Open Redirect vulnerability in Redirection 2.7.3
Redirection version 2.7.3 contains an ACE via file inclusion vulnerability in Pass-through mode that can allow admins to execute any PHP file in the filesystem.
network
low complexity
redirection CWE-601
7.2
2018-06-25 CVE-2018-11041 Open Redirect vulnerability in Pivotal Software Cloud Foundry UAA and Cloud Foundry Uaa-Release
Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, allowing open redirects.
network
low complexity
pivotal-software CWE-601
6.1