Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2018-06-13 CVE-2018-11408 Open Redirect vulnerability in multiple products
The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container.
network
low complexity
sensiolabs debian CWE-601
6.1
6.1
2018-06-13 CVE-2017-16652 Open Redirect vulnerability in multiple products
An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13.
network
low complexity
sensiolabs debian CWE-601
6.1
6.1
2018-06-11 CVE-2017-5389 Open Redirect vulnerability in Mozilla Firefox
WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site.
network
low complexity
mozilla CWE-601
6.1
6.1
2018-06-11 CVE-2016-9078 Open Redirect vulnerability in Mozilla Firefox 49.0/50.0
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances.
network
low complexity
mozilla CWE-601
8.8
8.8
2018-06-07 CVE-2017-16224 Open Redirect vulnerability in ST Project ST
st is a module for serving static files.
network
low complexity
st-project CWE-601
6.1
6.1
2018-06-04 CVE-2017-1748 Open Redirect vulnerability in IBM Connections 5.0.0.0/5.5.0.0/6.0
IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
6.1
2018-06-01 CVE-2018-3743 Open Redirect vulnerability in Hekto Project Hekto
Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server.
network
low complexity
hekto-project CWE-601
6.1
6.1
2018-05-23 CVE-2018-10651 Open Redirect vulnerability in Citrix Xenmobile Server 10.7/10.8
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
network
low complexity
citrix CWE-601
6.1
6.1
2018-05-22 CVE-2015-8094 Open Redirect vulnerability in Cloudera HUE 3.9.0
Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter.
network
low complexity
cloudera CWE-601
6.1
6.1
2018-05-17 CVE-2018-11119 Open Redirect vulnerability in Ilias
ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter.
network
low complexity
ilias CWE-601
6.1
6.1