CWE-601

Low likelihood

URL Redirection to Untrusted Site ('Open Redirect')

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

1,526 vulnerabilities with CWE-601
CVE-2023-51517 MEDIUM
Calculated Fields Form <1.2.28 - Open Redirect
CVSS 4.1
CVE-2023-51675 MEDIUM
AAM Advanced Access Manager - Open Redirect
CVSS 4.7
CVE-2023-32517 MEDIUM
PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder <= 4.0.9.3 - Open Redirect
CVSS 4.7
CVE-2023-32101 MEDIUM
Library Viewer <= 2.0.6 - Open Redirect
CVSS 4.7
CVE-2023-31237 MEDIUM
Zephyr Project Manager <3.3.9 - Open Redirect
CVSS 4.7
CVE-2023-31229 MEDIUM
WP Directory Kit <1.1.9 - Open Redirect
CVSS 4.7
CVE-2023-31095 MEDIUM
CRM Perks Integration - Open Redirect
CVSS 4.7
CVE-2023-28786 LOW
Solid Security < 8.1.4 - Open Redirect via Host Header
CVSS 3.7
CVE-2023-49438 MEDIUM
Flask-Security-Too <=5.3.2 - Open Redirect via Next Parameter
CVSS 6.1
CVE-2023-48003 MEDIUM
Asp.Net Zero < 12.3.0 - Open Redirect via WebSocket Message HTML Injection
CVSS 6.1
CVE-2023-50297 MEDIUM
PowerCMS < 4.55 - Unauthenticated Open Redirect via Crafted URL
CVSS 6.1
CVE-2023-50704 MEDIUM
efacec UC_500E Firmware - Open Redirect
CVSS 4.3
CVE-2023-46624 MEDIUM
Parcel Pro < 1.6.11 - Open Redirect
CVSS 4.7
CVE-2023-37982 MEDIUM
CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms < 1.3.3 - Open Redirect
CVSS 4.7
CVE-2023-35883 MEDIUM
Magazine3 Core Web Vitals & PageSpeed Booster < 1.0.12 - Open Redirect
CVSS 4.7
CVE-2023-45105 MEDIUM
affiliate-toolkit - WordPress Affiliate Plugin <= 3.3.9 - Open Redirect
CVSS 4.7
CVE-2023-41648 MEDIUM
Swapnil V. Patil <2.0.3 - Open Redirect
CVSS 4.7
CVE-2023-40602 MEDIUM
Doofinder WP & WooCommerce Search <1.5.49 - Open Redirect
CVSS 4.7
CVE-2023-38481 MEDIUM
CRM Perks Integration <1.3.7 - Open Redirect
CVSS 4.7
CVE-2023-38478 MEDIUM
CRM Perks Integration - Open Redirect
CVSS 4.7
CVE-2023-6927 MEDIUM
Keycloak < 23.0.4 - Open Redirect via JARM Response Mode Form Post JWT
CVSS 4.6
CVE-2023-6545 MEDIUM
Beckhoffs TwinCAT/BSD - Open Redirect
CVSS 4.7
CVE-2023-46750 MEDIUM
Apache Shiro < 1.13.0 - Open Redirect via Form Authentication
CVSS 6.1
CVE-2023-5629 HIGH
Schneider-electric Eb450 Firmware < 2.7.0 - Open Redirect
CVSS 8.2
CVE-2023-50771 MEDIUM
Jenkins OpenId Connect Authentication Plugin < 2.6 - Open Redirect via Login Redirect URL
CVSS 6.1