Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2017-05-12 CVE-2016-4859 Open Redirect vulnerability in Splunk
Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.3 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
low complexity
splunk CWE-601
6.1
2017-05-12 CVE-2016-4857 Open Redirect vulnerability in Splunk
Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
low complexity
splunk CWE-601
6.1
2017-05-11 CVE-2016-9099 Open Redirect vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 are susceptible to an open redirection vulnerability.
network
low complexity
broadcom CWE-601
6.1
2017-05-05 CVE-2017-1156 Open Redirect vulnerability in IBM Websphere Portal 8.5/9.0
IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
8.8
2017-05-03 CVE-2016-10368 Open Redirect vulnerability in Opsview
Open redirect vulnerability in Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the back parameter to the /login URI.
network
low complexity
opsview CWE-601
6.1
2017-05-03 CVE-2015-9058 Open Redirect vulnerability in Proxmox Mail Gateway
Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.
network
low complexity
proxmox CWE-601
6.1
2017-04-24 CVE-2017-3528 Open Redirect vulnerability in Oracle Applications Framework
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)).
network
low complexity
oracle CWE-601
5.4
2017-04-21 CVE-2016-4075 Open Redirect vulnerability in Opera Browser and Opera Mini
Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related to the about:blank URL.
network
low complexity
opera CWE-601
6.1
2017-04-20 CVE-2016-1213 Open Redirect vulnerability in Cybozu Garoon
The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites.
network
low complexity
cybozu CWE-601
6.1
2017-04-17 CVE-2016-0228 Open Redirect vulnerability in IBM Marketing Platform 10.0
IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts.
network
low complexity
ibm CWE-601
5.4