Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-05 | CVE-2018-1002102 | Open Redirect vulnerability in multiple products Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. | 2.6 |
| 2019-11-27 | CVE-2016-1000110 | Open Redirect vulnerability in multiple products The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. | 6.1 |
| 2019-11-26 | CVE-2019-18451 | Open Redirect vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.7.4 through 12.4 in the InternalRedirect filtering feature. | 6.1 |
| 2019-11-26 | CVE-2019-15688 | Open Redirect vulnerability in Kaspersky products Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. | 6.1 |
| 2019-11-26 | CVE-2019-14857 | Open Redirect vulnerability in Openidc MOD Auth Openidc A flaw was found in mod_auth_openidc before version 2.4.0.1. | 6.1 |
| 2019-11-22 | CVE-2014-2213 | Open Redirect vulnerability in Posh Project Posh Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php. | 6.1 |
| 2019-11-20 | CVE-2019-15073 | Open Redirect vulnerability in Openfind Mail2000 6.0/7.0 An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication. | 6.1 |
| 2019-11-18 | CVE-2018-13257 | Open Redirect vulnerability in Blackboard Learn 20180702 The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page. | 6.1 |
| 2019-11-07 | CVE-2019-18815 | Open Redirect vulnerability in Popojicms 2.0.1 PopojiCMS 2.0.1 allows refer= Open Redirection. | 6.1 |
| 2019-11-06 | CVE-2010-2471 | Open Redirect vulnerability in multiple products Drupal versions 5.x and 6.x has open redirection | 6.1 |