Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2018-02-02 CVE-2016-0329 Open Redirect vulnerability in IBM Emptoris Sourcing
Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before 10.1.0.0_iFix3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
low complexity
ibm CWE-601
5.4
2018-02-02 CVE-2018-6520 Open Redirect vulnerability in SimpleSAMLphp
SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL.
network
low complexity
simplesamlphp CWE-601
6.1
2018-01-26 CVE-2017-2166 Open Redirect vulnerability in GroupSession 4.6.4/4.7.0
Open redirect vulnerability in GroupSession version 4.7.0 and earlier allows an attacker to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
low complexity
groupsession CWE-601
6.1
2018-01-25 CVE-2018-6200 Open Redirect vulnerability in vBulletin
vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter.
network
low complexity
vbulletin CWE-601
6.1
2018-01-18 CVE-2018-0097 Open Redirect vulnerability in Cisco Prime Infrastructure
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect.
network
low complexity
cisco CWE-601
6.1
2018-01-10 CVE-2017-1534 Open Redirect vulnerability in IBM products
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2018-01-09 CVE-2017-1668 Open Redirect vulnerability in IBM Security Key Lifecycle Manager
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2018-01-03 CVE-2017-1000484 Open Redirect vulnerability in Plone
By linking to a specific URL in Plone 2.5-5.1rc1 with a parameter, an attacker could send you to his own website.
network
low complexity
plone CWE-601
6.1
2018-01-03 CVE-2017-1000481 Open Redirect vulnerability in Plone
When you visit a page where you need to log in, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous URL.
network
low complexity
plone CWE-601
6.1
2018-01-02 CVE-2017-1000434 Open Redirect vulnerability in Furikake Project Furikake 0.1.0
WordPress plugin Furikake version 0.1.0 is vulnerable to an Open Redirect. The furikake-redirect parameter on a page allows for a redirect to an attacker-controlled page. classes/Furigana.php: header('location:'.urldecode($_GET['furikake-redirect']));
network
low complexity
furikake-project CWE-601
6.1