CWE-601

Low likelihood

URL Redirection to Untrusted Site ('Open Redirect')

Parent: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

1,532 vulnerabilities with CWE-601
CVE-2016-3047 MEDIUM
IBM FileNet Workplace 4.0.2-4.0.2.14 IF001 - Authenticated Open Redirect
CVSS 6.8
CVE-2016-9451 MEDIUM
Drupal 7.x < 7.52 - Authenticated Open Redirect
CVSS 6.8
CVE-2016-0204 MEDIUM
IBM Cloud Orchestrator <2.4.0 FP3 - Open Redirect
CVSS 6.8
CVE-2016-1000001 HIGH
flask-oidc < 0.1.2 - Open Redirect
CVSS 7.4
CVE-2016-6636 MEDIUM
Pivotal Cloud Foundry <242 - Open Redirect
CVSS 5.3
CVE-2016-5977 MEDIUM
IBM Tealeaf Customer Experience <9.0.1.1117 FP5-9.0.2.5224_9.0.2A F...
CVSS 6.8
CVE-2016-3040 MEDIUM
IBM Security Privileged Identity Manager Virtual Appliance 2.x - Authenticated Open Redirect
CVSS 6.8
CVE-2016-0928 HIGH
Pivotal Cloud Foundry <1.6.30, <1.7.8 - Open Redirect
CVSS 7.4
CVE-2016-5878 MEDIUM
IBM FileNet Workplace <4.0.2.14 - Open Redirect
CVSS 6.8
CVE-2016-4604 MEDIUM
Safari - URL Spoofing via Invalid TCP Port Redirection
CVSS 5.4
CVE-2016-5385 HIGH
Oracle Communications User Data Repository < 5.09 - Open Redirect
CVSS 8.1
CVE-2015-10115 MEDIUM
WooSidebars Sidebar Manager Converter Plugin <1.1.2 - Open Redirect
CVSS 4.3
CVE-2015-10114 MEDIUM
WooSidebars Plugin <1.4.1 - Open Redirect
CVSS 4.3
CVE-2015-10113 LOW
WooFramework Tweaks Plugin <1.0.2 - Open Redirect
CVSS 3.5
CVE-2015-10112 MEDIUM
WooFramework Branding Plugin <1.0.2 - Open Redirect
CVSS 4.3
CVE-2015-10104 LOW
Icons for Features Plugin <1.0.1 - Open Redirect
CVSS 3.5
CVE-2015-10102 MEDIUM
Freshdesk Plugin 1.7 on WordPress - Open Redirect
CVSS 6.3
CVE-2015-10052 MEDIUM
calesanz gibb-modul-151 - Open Redirect
CVSS 4.6
CVE-2015-9540 MEDIUM
Chamilo LMS < 1.9.10.2 - Open Redirect via link_goto.php link_url Parameter
CVSS 6.1
CVE-2015-8094 MEDIUM
Cloudera HUE <3.10.0 - Open Redirect
CVSS 6.1
CVE-2015-3898 MEDIUM
Bonita BPM Portal <6.5.3 - Open Redirect
CVSS 6.1
CVE-2015-6961 MEDIUM
web2py 2.9.11 - Open Redirect via _next Parameter
CVSS 6.1
CVE-2015-7943 MEDIUM
Drupal <7.41, jQuery Update <7.2.7, LABjs <7.1.8 - Open Redirect
CVSS 6.1
CVE-2015-4668 MEDIUM
Xceedium Xsuite - Open Redirect via redirurl Parameter
CVSS 6.1
CVE-2015-5608 MEDIUM
Joomla! 3.0.0-3.4.1 - Open Redirect
CVSS 6.1