Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-11 | CVE-2017-3085 | Open Redirect vulnerability in multiple products Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect. | 7.4 |
| 2017-08-09 | CVE-2017-1448 | Open Redirect vulnerability in IBM products IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2017-08-09 | CVE-2016-8949 | Open Redirect vulnerability in IBM products IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2017-08-02 | CVE-2017-12138 | Open Redirect vulnerability in Xoops 2.5.8 XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter. | 6.1 |
| 2017-07-29 | CVE-2017-11725 | Open Redirect vulnerability in Thycotic Secret Server The share function in Thycotic Secret Server before 10.2.000019 mishandles the Back Button, leading to unintended redirections. | 5.4 |
| 2017-07-28 | CVE-2017-11718 | Open Redirect vulnerability in Metinfo Project Metinfo There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php. | 6.1 |
| 2017-07-24 | CVE-2017-1287 | Open Redirect vulnerability in IBM Rhapsody Design Manager IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2017-07-24 | CVE-2017-11586 | Open Redirect vulnerability in Finecms 1.9.5/5.0.9 dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php. | 6.1 |
| 2017-07-19 | CVE-2017-1223 | Open Redirect vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-07-17 | CVE-2017-1000070 | Open Redirect vulnerability in Oauth2 Proxy Project Oauth2 Proxy The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. | 6.1 |