Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2016-4334 Open Redirect vulnerability in Jivesoftware Jive
Jive before 2016.3.1 has an open redirect from the external-link.jspa page.
network
low complexity
jivesoftware CWE-601
6.1
2017-04-07 CVE-2017-6604 Open Redirect vulnerability in Cisco Unified Computing System 2.2(8B)/3.0(1C)/3.1(2C)B
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
network
low complexity
cisco CWE-601
6.1
2017-04-07 CVE-2017-3889 Open Redirect vulnerability in Cisco Registered Envelope Service 5.1.0015
A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect.
network
low complexity
cisco CWE-601
6.1
2017-04-04 CVE-2017-7234 Open Redirect vulnerability in Djangoproject Django
A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
network
low complexity
djangoproject CWE-601
6.1
2017-04-04 CVE-2017-7233 Open Redirect vulnerability in Djangoproject Django
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL.
network
low complexity
djangoproject CWE-601
6.1
2017-04-03 CVE-2016-10316 Open Redirect vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware
Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.
network
low complexity
jensenofscandinavia CWE-601
6.1
2017-04-03 CVE-2016-10315 Open Redirect vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware
Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev.
network
low complexity
jensenofscandinavia CWE-601
6.1
2017-03-26 CVE-2017-7266 Open Redirect vulnerability in Netflix Security Monkey
Netflix Security Monkey before 0.8.0 has an Open Redirect.
network
low complexity
netflix CWE-601
6.1
2017-03-07 CVE-2016-7137 Open Redirect vulnerability in Plone
Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions or the (3) came_from parameter to /login_form.
network
low complexity
plone CWE-601
6.1
2017-03-03 CVE-2017-5615 Open Redirect vulnerability in Cpanel Cgiecho and Cgiemail
cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location.
network
low complexity
cpanel CWE-601
6.1