Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2017-07-29 CVE-2017-11725 Open Redirect vulnerability in Thycotic Secret Server
The share function in Thycotic Secret Server before 10.2.000019 mishandles the Back Button, leading to unintended redirections.
network
low complexity
thycotic CWE-601
5.4
2017-07-28 CVE-2017-11718 Open Redirect vulnerability in Metinfo Project Metinfo
There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php.
network
low complexity
metinfo-project CWE-601
6.1
2017-07-24 CVE-2017-1287 Open Redirect vulnerability in IBM Rhapsody Design Manager
IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
2017-07-24 CVE-2017-11586 Open Redirect vulnerability in Finecms 1.9.5/5.0.9
dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php.
network
low complexity
finecms CWE-601
6.1
2017-07-19 CVE-2017-1223 Open Redirect vulnerability in IBM Bigfix Platform
IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2017-07-17 CVE-2017-1000070 Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow.
network
low complexity
oauth2-proxy-project CWE-601
6.1
2017-07-17 CVE-2017-1000027 Open Redirect vulnerability in Koozali SME Server
Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.
network
low complexity
koozali CWE-601
6.1
2017-07-17 CVE-2017-1000013 Open Redirect vulnerability in PHPmyadmin
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness
network
low complexity
phpmyadmin CWE-601
6.1
2017-07-12 CVE-2016-8953 Open Redirect vulnerability in IBM Emptoris Sourcing
IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
5.4
2017-07-12 CVE-2016-8947 Open Redirect vulnerability in IBM Emptoris Sourcing
IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1