Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2019-03-07 CVE-2018-17422 Open Redirect vulnerability in Dotcms
dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.
network
low complexity
dotcms CWE-601
6.1
2019-03-07 CVE-2019-3778 Open Redirect vulnerability in multiple products
Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code.
network
low complexity
pivotal-software oracle CWE-601
6.5
2019-03-05 CVE-2019-0540 Open Redirect vulnerability in Microsoft products
A security feature bypass vulnerability exists when Microsoft Office does not validate URLs. An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.
local
low complexity
microsoft CWE-601
5.5
2019-03-05 CVE-2018-1939 Open Redirect vulnerability in IBM Cloud Private 3.1.1
IBM Cloud Private 3.1.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2019-03-05 CVE-2018-1875 Open Redirect vulnerability in IBM products
IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2019-02-20 CVE-2018-19106 Open Redirect vulnerability in Avinetworks AVI Vantage
Avi Vantage before 17.2.13 uses an invalid URL encoding during a redirect operation, aka AV-33959.
network
low complexity
avinetworks CWE-601
6.1
2019-02-17 CVE-2016-10742 Open Redirect vulnerability in multiple products
Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.
network
low complexity
zabbix debian CWE-601
6.1
2019-02-13 CVE-2019-5915 Open Redirect vulnerability in Osstech Openam
Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.
network
low complexity
osstech CWE-601
6.1
2019-01-30 CVE-2019-3912 Open Redirect vulnerability in Labkey Server
An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.
network
low complexity
labkey CWE-601
6.1
2019-01-24 CVE-2019-6780 Open Redirect vulnerability in Kaine Wise Chat
The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer.
network
low complexity
kaine CWE-601
6.1