Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-10-16 | CVE-2012-0518 | Open Redirect vulnerability in Oracle Fusion Middleware 10.1.4.3 Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175. | 4.7 |
| 2009-10-30 | CVE-2009-3832 | Open Redirect vulnerability in Opera Browser Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | 5.8 |
| 2008-10-21 | CVE-2008-1547 | Open Redirect vulnerability in Microsoft Exchange Server 2003 Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. | 4.3 |
| 2008-07-27 | CVE-2008-2951 | Open Redirect vulnerability in multiple products Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function. | 6.1 |
| 2008-05-02 | CVE-2008-2052 | Open Redirect vulnerability in Bitrix24 Bitrix Site Manager 6.5 Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter. | 6.1 |
| 2005-12-13 | CVE-2005-4206 | Open Redirect vulnerability in Blackboard Academic Suite 6.0.0.0/6.2.3.23/6.3.1.424 Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page. | 6.1 |
| 2005-06-16 | CVE-2005-1475 | Open Redirect vulnerability in Opera Browser The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect. | 7.5 |
| 2005-04-27 | CVE-2005-0420 | Open Redirect vulnerability in Microsoft Exchange Server 2003 Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application. | 5.8 |
| 2004-12-31 | CVE-2004-2260 | Open Redirect vulnerability in Opera Browser Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. | 5.0 |