Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-10 | CVE-2017-16761 | Open Redirect vulnerability in Inedo Buildmaster An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites. | 6.1 |
| 2017-11-06 | CVE-2017-16569 | Open Redirect vulnerability in Zurmo CRM 3.2.1.57987Acc3018 An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an http: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting. | 4.8 |
| 2017-10-31 | CVE-2017-14358 | Open Redirect vulnerability in HP products A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 6.1 |
| 2017-10-18 | CVE-2015-6961 | Open Redirect vulnerability in Web2Py 2.9.11 Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout. | 6.1 |
| 2017-10-18 | CVE-2015-7943 | Open Redirect vulnerability in multiple products Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.1 |
| 2017-10-05 | CVE-2017-1000117 | Open Redirect vulnerability in Git-Scm GIT A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. | 8.8 |
| 2017-10-04 | CVE-2017-8047 | Open Redirect vulnerability in multiple products In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. | 6.1 |
| 2017-09-28 | CVE-2017-14525 | Open Redirect vulnerability in Opentext Documentum Administrator and Documentum Webtop Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect. | 6.1 |
| 2017-09-28 | CVE-2017-14524 | Open Redirect vulnerability in Opentext Documentum Administrator and Documentum Webtop Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect. | 6.1 |
| 2017-09-25 | CVE-2015-4668 | Open Redirect vulnerability in Xceedium Xsuite 2.3.0/2.4.3.0 Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter. | 6.1 |