CWE-601— URL Redirection to Untrusted Site (Open Redirect)

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'.

An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in thei…

resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page.

In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version 9.4.6.

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that…

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this …

Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x.

An issue was discovered in xdLocalStorage through 2.0.5. The buildMessage() function in xdLocalStorage.js specifies the wildcard (*) as the targetOrigin when calling the postMessage() function on the iframe object. Therefore any domain tha…

CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.

CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.

CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.

The O2 Business application 1.2.0 for Android exposes the canvasm.myo2.SplashActivity activity to other applications. The purpose of this activity is to handle deeplinks that can be delivered either via links or by directly calling the act…

A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.

Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring.

The appstore before 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters.

macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.

The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.

Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt.

An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, aka 'SharePoint…

The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.

An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request ca…

Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions.

An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps.

An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO2 IS as Key Manager through 5.10.0. An open redirect exists.

An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the desktop application because server redirection is mishandled, aka MMSA-2020-0008.

In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard component doesn't validate that the value of …

ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite from version 0.30.2 and before version 0.34.1, there is an issue in which an an attacker can override the registered redirect URL by performing an OAuth flo…

ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite before version 0.34.1, the OAuth 2.0 Client's registered redirect URLs and the redirect URL provided at the OAuth2 Authorization Endpoint where compared usi…

TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional operator in templates like `{showFullName ? …

Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Redirect. Specially encoded paths could be used with the trailing slash redirect to allow an open redirect to occur to an external site. In general, this redirect does not direc…

SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document.

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was…

A flaw was found in Keycloak Gatekeeper (Louketo). The logout endpoint can be abused to redirect logged-in users to arbitrary web pages. Affected versions of Keycloak Gatekeeper (Louketo): 6.0.1, 7.0.0

An Open Redirection vulnerability exists in Uffizio's GPS Tracker all versions allows an attacker to construct a URL within the application that causes a redirection to an arbitrary external domain.

Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zb_system/cmd.php."

GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.

An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to redirect users to any arbitrary website of their choosing.

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.

An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenti…

Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php.

In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user click…

Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php.

An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.

The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.php in PHP-Fusion 9.03.60 allows attackers to redirect victim users to malicious websites via a crafted payload entered into the Shoutbox message panel.

An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.

IProom MMC+ Server login page does not validate specific parameters properly. Attackers can use the vulnerability to redirect to any malicious site and steal the victim's login credentials.

The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded, which allows remote attackers to perform a denial of service attack by making repeated requests for pages that …

An issue was discovered in Joomla! before 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect.

An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to redirect users to malicious w…

Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential.