Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2018-09-07 CVE-2018-14398 Open Redirect vulnerability in Cremecrm 1.6.12
An issue was discovered in Creme CRM 1.6.12.
network
low complexity
cremecrm CWE-601
6.1
6.1
2018-09-06 CVE-2018-14366 Open Redirect vulnerability in multiple products
download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.
network
low complexity
pulsesecure ivanti CWE-601
6.1
6.1
2018-09-06 CVE-2018-1000671 Open Redirect vulnerability in multiple products
sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action.
network
low complexity
sympa debian CWE-601
6.1
6.1
2018-09-05 CVE-2018-15683 Open Redirect vulnerability in Btiteam Xbtit 2.5.4
An issue was discovered in BTITeam XBTIT.
network
low complexity
btiteam CWE-601
6.1
6.1
2018-08-28 CVE-2017-15419 Open Redirect vulnerability in multiple products
Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.
network
low complexity
redhat debian google CWE-601
6.5
6.5
2018-08-09 CVE-2018-7692 Open Redirect vulnerability in Microfocus Edirectory
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.
network
low complexity
microfocus CWE-601
6.1
6.1
2018-08-08 CVE-2018-15178 Open Redirect vulnerability in Gogs
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.
network
low complexity
gogs CWE-601
6.1
6.1
2018-08-06 CVE-2018-7091 Open Redirect vulnerability in HP XP 9000 Command View
HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.
network
low complexity
hp CWE-601
6.1
6.1
2018-08-06 CVE-2017-8989 Open Redirect vulnerability in HP Icewall SSO 10.0/11.0
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.
network
low complexity
hp CWE-601
critical
 9.1
9.1
2018-08-03 CVE-2018-14574 Open Redirect vulnerability in multiple products
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
network
low complexity
djangoproject debian canonical CWE-601
6.1
6.1