Total
742 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27352 | 1 Ilch | 1 Ilch Cms | 2021-06-03 | 4.9 MEDIUM | 5.4 MEDIUM |
| An open redirect vulnerability in Ilch CMS version 2.1.42 allows attackers to redirect users to an attacker's site after a successful login. | |||||
| CVE-2021-23387 | 1 Trailing-slash Project | 1 Trailing-slash | 2021-05-28 | 5.8 MEDIUM | 6.1 MEDIUM |
| The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web server uses relative URLs instead of absolute URLs. | |||||
| CVE-2021-1358 | 1 Cisco | 1 Finesse | 2021-05-27 | 5.8 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to cause the interface to redirect the user to a specific, malicious URL. This type of vulnerability is known as an open redirect and is used in phishing attacks that get users to unknowingly visit malicious sites. | |||||
| CVE-2021-29622 | 1 Prometheus | 1 Prometheus | 2021-05-26 | 5.8 MEDIUM | 6.1 MEDIUM |
| Prometheus is an open-source monitoring system and time series database. In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redirect to /. Due to a bug in the code, it is possible for an attacker to craft an URL that can redirect to any other URL, in the /new endpoint. If a user visits a prometheus server with a specially crafted address, they can be redirected to an arbitrary URL. The issue was patched in the 2.26.1 and 2.27.1 releases. In 2.28.0, the /new endpoint will be removed completely. The workaround is to disable access to /new via a reverse proxy in front of Prometheus. | |||||
| CVE-2021-1397 | 1 Cisco | 48 C125 M5, C125 M5 Firmware, C220 M5 and 45 more | 2021-05-26 | 5.8 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge. | |||||
| CVE-2021-32618 | 1 Flask-security Project | 1 Flask-security | 2021-05-26 | 5.8 MEDIUM | 6.1 MEDIUM |
| The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects after many successful views (e.g. /login) by honoring the ?next query param. There is code in FS to validate that the url specified in the next parameter is either relative OR has the same netloc (network location) as the requesting URL. This check utilizes Pythons urlsplit library. However many browsers are very lenient on the kind of URL they accept and 'fill in the blanks' when presented with a possibly incomplete URL. As a concrete example - setting http://login?next=\\\github.com will pass FS's relative URL check however many browsers will gladly convert this to http://github.com. Thus an attacker could send such a link to an unwitting user, using a legitimate site and have it redirect to whatever site they want. This is considered a low severity due to the fact that if Werkzeug is used (which is very common with Flask applications) as the WSGI layer, it by default ALWAYS ensures that the Location header is absolute - thus making this attack vector mute. It is possible for application writers to modify this default behavior by setting the 'autocorrect_location_header=False`. | |||||
| CVE-2020-36365 | 1 Smartstore | 1 Smartstorenet | 2021-05-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit open redirect. | |||||
| CVE-2021-24288 | 1 Acymailing | 1 Acymailing | 2021-05-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| When subscribing using AcyMailing, the 'redirect' parameter isn't properly sanitized. Turning the request from POST to GET, an attacker can craft a link containing a potentially malicious landing page and send it to the victim. | |||||
| CVE-2021-23384 | 1 Koa-remove-trailing-slashes Project | 1 Koa-remove-trailing-slashes | 2021-05-25 | 5.8 MEDIUM | 5.4 MEDIUM |
| The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::removeTrailingSlashes(), as the web server uses relative URLs instead of absolute URLs. | |||||
| CVE-2020-11529 | 1 Getgrav | 1 Grav | 2021-05-17 | 5.8 MEDIUM | 6.1 MEDIUM |
| Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x. | |||||
| CVE-2020-13662 | 1 Drupal | 1 Drupal | 2021-05-13 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions. | |||||
| CVE-2020-23015 | 1 Opnsense | 1 Opnsense | 2021-05-11 | 5.8 MEDIUM | 6.1 MEDIUM |
| An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website. | |||||
| CVE-2021-28125 | 1 Apache | 1 Superset | 2021-05-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| Apache Superset up to and including 1.0.1 allowed for the creation of an external URL that could be malicious. By not checking user input for open redirects the URL shortener functionality would allow for a malicious user to create a short URL for a dashboard that could convince the user to click the link. | |||||
| CVE-2020-21998 | 1 Homeautomation Project | 1 Homeautomation | 2021-05-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. | |||||
| CVE-2021-29137 | 1 Arubanetworks | 1 Airwave | 2021-05-03 | 5.8 MEDIUM | 6.1 MEDIUM |
| A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. | |||||
| CVE-2010-2471 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2021-04-28 | 5.8 MEDIUM | 6.1 MEDIUM |
| Drupal versions 5.x and 6.x has open redirection | |||||
| CVE-2021-29456 | 1 Authelia | 1 Authelia | 2021-04-27 | 4.9 MEDIUM | 5.4 MEDIUM |
| Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able to redirect users from the web application to any domain, including potentially malicious sites. This security issue does not directly impact the security of the web application itself. As a workaround, one can use a reverse proxy to strip the query parameter from the affected endpoint. There is a patch for version 4.28.0. | |||||
| CVE-2016-4334 | 1 Jivesoftware | 1 Jive | 2021-04-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| Jive before 2016.3.1 has an open redirect from the external-link.jspa page. | |||||
| CVE-2018-7692 | 1 Microfocus | 1 Edirectory | 2021-04-13 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | |||||
| CVE-2020-6365 | 1 Sap | 1 Netweaver Application Server Java | 2021-04-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation. The attacker could execute phishing attacks to steal credentials of the victim or to redirect users to untrusted web pages containing malware or similar malicious exploits. | |||||