Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-01 | CVE-2017-3105 | Open Redirect vulnerability in Adobe Robohelp Adobe RoboHelp has an Open Redirect vulnerability. | 6.1 |
| 2017-11-30 | CVE-2017-12344 | Open Redirect vulnerability in Cisco Data Center Network Manager 10.2(1) Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 6.1 |
| 2017-11-17 | CVE-2017-1000163 | Open Redirect vulnerability in Phoenixframework Phoenix The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks. | 6.1 |
| 2017-11-15 | CVE-2017-11879 | Open Redirect vulnerability in Microsoft Asp.Net Core 2.0 ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability". | 8.8 |
| 2017-11-10 | CVE-2017-16761 | Open Redirect vulnerability in Inedo Buildmaster An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites. | 6.1 |
| 2017-11-06 | CVE-2017-16569 | Open Redirect vulnerability in Zurmo CRM 3.2.1.57987Acc3018 An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an http: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting. | 4.8 |
| 2017-10-31 | CVE-2017-14358 | Open Redirect vulnerability in HP products A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. | 6.1 |
| 2017-10-18 | CVE-2015-6961 | Open Redirect vulnerability in Web2Py 2.9.11 Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout. | 6.1 |
| 2017-10-18 | CVE-2015-7943 | Open Redirect vulnerability in multiple products Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.1 |
| 2017-10-05 | CVE-2017-1000117 | Open Redirect vulnerability in Git-Scm GIT A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. | 8.8 |