CWE-601

Exploit likelihood: Low

URL Redirection to Untrusted Site ('Open Redirect')

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

1,526 vulnerabilities with CWE-601
CVE-2023-4964 HIGH
OpenText Service Management Automation X and Asset Management X - Open Redirect
CVSS 8.2
CVE-2023-36085 MEDIUM
SisqualWFM 7.1.319.103-7.1.319.111 - SSRF
CVSS 6.1
CVE-2023-45909 MEDIUM
zzzphp 2.2.0 - Open Redirect
CVSS 6.1
CVE-2023-5375 MEDIUM
mosparo < 1.0.2 - Open Redirect
CVSS 6.1
CVE-2023-3922 LOW
GitLab 8.15-16.2.7, 16.3-16.3.4, 16.4 - Open Redirect via UI Link Hijacking
CVSS 3.0
CVE-2023-23957 MEDIUM
Symantec Identity Portal 14.4 - Info Disclosure
CVSS 5.4
CVE-2023-4965 LOW
phpipam 1.5.1 - Open Redirect via X-Forwarded-Host Header
CVSS 2.7
CVE-2023-40779 MEDIUM
IceWarp Mail Server Deep Castle 2 <v.13.0.1.2 - RCE
CVSS 6.1
CVE-2023-41609 MEDIUM
CouchCMS v2.3 - Open Redirect via sanitize_url() Parameter
CVSS 6.1
CVE-2023-40306 MEDIUM
SAP S/4HANA - Open Redirect in Manage Catalog Items and Cross-Catalog Searches
CVSS 6.1
CVE-2023-20263 MEDIUM
Cisco HyperFlex HX Data Platform - Open Redirect
CVSS 4.7
CVE-2023-39364 LOW
Cacti 1.2.24 - Open Redirect via auth_changepassword.php ref Parameter
CVSS 3.5
CVE-2023-38574 MEDIUM
VI Web Client <7.9.6 - Open Redirect
CVSS 6.1
CVE-2023-39371 HIGH
StarTrinity Softswitch 2023-02-16 - Open Redirect
CVSS 8.8
CVE-2023-1279 LOW
GitLab 4.1.0-16.1.4, 16.2.0-16.2.4, 16.3.0 - Open Redirect via Project URL
CVSS 2.6
CVE-2023-39968 MEDIUM
jupyter_server < 2.7.2 - Open Redirect via Malicious Login Links
CVSS 4.3
CVE-2023-41080 MEDIUM
Apache Tomcat <11.0.0-M10 - Open Redirect
CVSS 6.1
CVE-2023-38998 MEDIUM
OPNsense <23.7-23.4.2 - Open Redirect
CVSS 6.1
CVE-2023-34917 MEDIUM
Fuge CMS 1.0 - Open Redirect via member/RegisterAct.java
CVSS 6.1
CVE-2023-34916 MEDIUM
Fuge CMS v1.0 - Open Redirect via ProcessAct.java
CVSS 6.1
CVE-2023-35791 MEDIUM
Intella Connect 2.6.0.3 - Open Redirect
CVSS 6.1
CVE-2023-37624 MEDIUM
netdisco < 2.063000 - Open Redirect via Crafted Links
CVSS 6.1
CVE-2023-30433 MEDIUM
IBM Security Verify Access 10.0 - Open Redirect via Crafted URL
CVSS 6.5
CVE-2023-28020 MEDIUM
HCL BigFix WebUI - Open Redirect via Login Page Redirect URL Header
CVSS 4.7
CVE-2023-3684 LOW
LivelyWorks Articart 2.0.1 - Open Redirect via Base64 Encoding Handler
CVSS 3.5