Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-50771 | Open Redirect vulnerability in Jenkins Openid Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks. | 6.1 |
| 2023-12-09 | CVE-2023-28874 | Open Redirect vulnerability in Seafile 9.0.6 The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites. | 6.1 |
| 2023-12-08 | CVE-2023-48928 | Open Redirect vulnerability in Franklin-Electric System Sentinel Anyware 1.6.24.492 Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Open Redirect. | 6.1 |
| 2023-12-06 | CVE-2023-46688 | Open Redirect vulnerability in Pleasanter Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. | 6.1 |
| 2023-12-04 | CVE-2023-48815 | Open Redirect vulnerability in Keking Kkfileview 4.1.0/4.3.0 kkFileView v4.3.0 is vulnerable to Incorrect Access Control. | 6.1 |
| 2023-11-27 | CVE-2023-47168 | Open Redirect vulnerability in Mattermost Mattermost fails to properly check a redirect URL parameter allowing for an open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom url scheme in /oauth/{service}/mobile_login?redirect_to= | 6.1 |
| 2023-11-21 | CVE-2023-49104 | Open Redirect vulnerability in Owncloud Oauth2 An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. | 6.1 |
| 2023-11-21 | CVE-2023-49061 | Open Redirect vulnerability in Mozilla Firefox An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information. | 6.1 |
| 2023-11-20 | CVE-2023-5610 | Open Redirect vulnerability in S-Sols Seraphinite Accelerator The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect | 5.4 |
| 2023-11-15 | CVE-2023-41699 | Open Redirect vulnerability in Payara URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11. | 6.1 |