Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-13 | CVE-2018-12300 | Open Redirect vulnerability in Seagate NAS OS 4.3.15.1 Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter. | 5.8 |
| 2019-05-06 | CVE-2019-5433 | Open Redirect vulnerability in Revive-Adserver Revive Adserver A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. | 5.8 |
| 2019-04-30 | CVE-2018-14931 | Open Redirect vulnerability in Polarisft Intellect Core Banking 9.7.1 An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. | 5.8 |
| 2019-04-30 | CVE-2019-4166 | Open Redirect vulnerability in IBM Storediq IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2019-04-25 | CVE-2019-3788 | Open Redirect vulnerability in Cloudfoundry UAA Release Cloud Foundry UAA Release, versions prior to 71.0, allows clients to be configured with an insecure redirect uri. | 5.8 |
| 2019-04-25 | CVE-2019-10955 | Open Redirect vulnerability in Rockwellautomation products In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versions Series B, v15.002 and earlier, MicroLogix 1100 Controllers v14.00 and earlier, CompactLogix 5370 L1 controllers v30.014 and earlier, CompactLogix 5370 L2 controllers v30.014 and earlier, CompactLogix 5370 L3 controllers (includes CompactLogix GuardLogix controllers) v30.014 and earlier, an open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine. | 5.8 |
| 2019-04-25 | CVE-2019-4092 | Open Redirect vulnerability in IBM Content Navigator 2.0.0/3.0.0 IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2019-04-24 | CVE-2019-8995 | Open Redirect vulnerability in Tibco Activematrix BPM and Silver Fabric Enabler The workspace client, openspace client, and app development client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contain a vulnerability wherein a malicious URL could trick a user into visiting a website of the attacker's choice. | 6.1 |
| 2019-04-09 | CVE-2018-20698 | Open Redirect vulnerability in Search-Guard Search Guard The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set. | 4.3 |
| 2019-04-08 | CVE-2019-11016 | Open Redirect vulnerability in Elgg Elgg before 1.12.18 and 2.3.x before 2.3.11 has an open redirect. | 5.8 |