Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2017-03-03 CVE-2017-5614 Open Redirect vulnerability in Cpanel
Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter.
network
low complexity
cpanel CWE-601
6.1
2017-03-03 CVE-2017-5571 Open Redirect vulnerability in Flexerasoftware Flexnet Publisher 11.10/11.13.1.0/11.14.1
Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and earlier, as used in Citrix License Server for Windows and the Citrix License Server VPX, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
low complexity
flexerasoftware CWE-601
6.1
2017-02-22 CVE-2017-3840 Open Redirect vulnerability in Cisco Secure Access Control System 5.8(2.5)
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect Vulnerability.
network
low complexity
cisco CWE-601
6.1
2017-02-13 CVE-2016-8376 Open Redirect vulnerability in Kabona AB Webdatorcentral
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0.
network
high complexity
kabona-ab CWE-601
6.1
2017-02-03 CVE-2017-3810 Open Redirect vulnerability in Cisco Prime Service Catalog 10.0(R2)Base
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system.
network
low complexity
cisco CWE-601
5.4
2017-02-01 CVE-2016-8961 Open Redirect vulnerability in IBM Bigfix Inventory and License Metric Tool
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2017-02-01 CVE-2016-6020 Open Redirect vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
6.1
2017-01-26 CVE-2016-6908 Open Redirect vulnerability in Opera Browser 37.0.2192.105088
Characters from languages are such as Arabic, Hebrew are displayed from RTL (Right To Left) order in Opera 37.0.2192.105088 for Android, due to mishandling of several unicode characters such as U+FE70, U+0622, U+0623 etc and how they are rendered combined with (first strong character) such as an IP address or alphabet could lead to a spoofed URL.
network
low complexity
opera CWE-601
6.1
2017-01-26 CVE-2017-3799 Open Redirect vulnerability in Cisco Webex Meeting Center Wbs28Base
A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection.
network
low complexity
cisco CWE-601
5.4
2017-01-14 CVE-2017-5474 Open Redirect vulnerability in S9Y Serendipity
Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.
network
low complexity
s9y CWE-601
6.1