CWE-601

Low likelihood

URL Redirection to Untrusted Site ('Open Redirect')

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

1,513 vulnerabilities with CWE-601
CVE-2024-1440 MEDIUM
WSO2 API Manager and Identity Server - Open Redirect via Multi-Option Authentication Endpoint
CVSS 5.4
CVE-2024-12561 MEDIUM
Google Analytics & WordPress <1.4.9 - Open Redirect
CVSS 6.1
CVE-2024-6690 MEDIUM
WordPress wccp-pro <15.3 - Open Redirect
CVSS 6.1
CVE-2024-49706 MEDIUM
SoftCOM iKSORIS <79.0 - Open Redirect
CVSS 6.1
CVE-2024-9308 MEDIUM
haotian-liu/llava v1.2.0 - Unauthenticated Open Redirect via Crafted URL
CVSS 6.1
CVE-2024-8021 MEDIUM
gradio - Open Redirect via URL Encoding
CVSS 6.1
CVE-2024-11044 MEDIUM
automatic1111/stable-diffusion-webui 1.10.0 - Unauthenticated Open Redirect via Crafted URL
CVSS 6.1
CVE-2024-10908 MEDIUM
lm-sys fastchat v0.2.36 - Unauthenticated Open Redirect via Crafted URL
CVSS 6.1
CVE-2024-10812 MEDIUM
binary-husky gpt_academic 3.83 - Open Redirect via File Parameter
CVSS 6.1
CVE-2024-51321 HIGH
Zucchetti Ad Hoc Infinity 2.4 - URL Redirection via m_cURL Parameter
CVSS 7.6
CVE-2024-54957 MEDIUM
Nagios XI 2024R1.2.2 - Open Redirect via Tools Page
CVSS 6.1
CVE-2024-11955 MEDIUM
GLPI < 10.0.18 - Open Redirect via /index.php Redirect Parameter
CVSS 4.3
CVE-2024-13888 HIGH
WPMobile.App <= 11.56 - Unauthenticated Open Redirect via Redirect Parameter
CVSS 7.2
CVE-2024-57241 MEDIUM
dedecms 5.71sp1 - URL Redirection via GET Request
CVSS 6.5
CVE-2024-54728 MEDIUM
BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 - Info Disclosure
CVSS 6.5
CVE-2024-56972 MEDIUM
Midea Home iOS 9.3.12 - Info Disclosure
CVSS 6.5
CVE-2024-56971 MEDIUM
Shuqi Novel iOS 5.3.8 - Info Disclosure
CVSS 6.5
CVE-2024-56969 MEDIUM
Pixocial Technology (Singapore) Pte. Ltd BeautyPlus <7.8.010 - Info...
CVSS 6.5
CVE-2024-56968 MEDIUM
Govee Home iOS 6.5.01 - Info Disclosure
CVSS 6.5
CVE-2024-56967 MEDIUM
PolyBuzz iOS 2.0.20 - Info Disclosure
CVSS 6.5
CVE-2024-56966 MEDIUM
Qidian Reader <5.9.384 - Info Disclosure
CVSS 6.5
CVE-2024-56965 MEDIUM
Shihuo iOS 8.16.0 - Info Disclosure
CVSS 6.5
CVE-2024-56964 MEDIUM
Guazi Used Car iOS 10.15.1 - Info Disclosure
CVSS 6.5
CVE-2024-56963 MEDIUM
Sogou Input iOS 12.2.0 - Info Disclosure
CVSS 6.5
CVE-2024-56962 MEDIUM
Tencent Technology (Shanghai) Co., Ltd WeSing <9.3.39 - Info Disclo...
CVSS 6.5
Details
Vulnerabilities 1,513
Exploit Likelihood Low
Links
MITRE CWE Entry Search this CWE With Exploits