Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')

DATE CVE VULNERABILITY TITLE RISK
2018-09-06 CVE-2018-1000671 Open Redirect vulnerability in multiple products
sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action.
network
low complexity
sympa debian CWE-601
6.1
2018-09-05 CVE-2018-15683 Open Redirect vulnerability in Btiteam Xbtit 2.5.4
An issue was discovered in BTITeam XBTIT.
network
low complexity
btiteam CWE-601
6.1
2018-08-28 CVE-2017-15419 Open Redirect vulnerability in multiple products
Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.
network
low complexity
redhat debian google CWE-601
6.5
2018-08-09 CVE-2018-7692 Open Redirect vulnerability in Microfocus Edirectory
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.
network
low complexity
microfocus CWE-601
6.1
2018-08-08 CVE-2018-15178 Open Redirect vulnerability in Gogs
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.
network
low complexity
gogs CWE-601
6.1
2018-08-06 CVE-2018-7091 Open Redirect vulnerability in HP XP 9000 Command View
HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr.
network
low complexity
hp CWE-601
6.1
2018-08-06 CVE-2017-8989 Open Redirect vulnerability in HP Icewall SSO 10.0/11.0
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection.
network
low complexity
hp CWE-601
critical
9.1
2018-08-03 CVE-2018-14574 Open Redirect vulnerability in multiple products
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
network
low complexity
djangoproject debian canonical CWE-601
6.1
2018-07-20 CVE-2018-14474 Open Redirect vulnerability in Goodoldweb Orange Forum 1.4.0
views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup.
network
low complexity
goodoldweb CWE-601
6.1
2018-07-18 CVE-2018-14381 Open Redirect vulnerability in Pagekit
Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability.
network
low complexity
pagekit CWE-601
6.1