Total
1238 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-2512 | 2 Djangoproject, Redhat | 3 Django, Openstack, Openstack-optools | 2025-04-12 | N/A |
| The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\@attacker.com. | ||||
| CVE-2024-43280 | 1 Salonbookingsystem | 1 Salon Booking System | 2025-04-11 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1. | ||||
| CVE-2024-8148 | 1 Esri | 1 Portal For Arcgis | 2025-04-10 | 6.1 Medium |
| There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.2 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks. | ||||
| CVE-2024-38037 | 1 Esri | 1 Portal For Arcgis | 2025-04-10 | 6.1 Medium |
| There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks. | ||||
| CVE-2022-4644 | 1 Ikus-soft | 1 Rdiffweb | 2025-04-10 | 6.1 Medium |
| Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. | ||||
| CVE-2022-3614 | 1 Octopus | 1 Octopus Server | 2025-04-10 | 6.1 Medium |
| In affected versions of Octopus Deploy users of certain browsers using AD to sign-in to Octopus Server were able to bypass authentication checks and be redirected to the configured redirect url without any validation. | ||||
| CVE-2022-38197 | 1 Esri | 1 Arcgis Server | 2025-04-10 | 6.1 Medium |
| Esri ArcGIS Server versions 10.9.1 and below have an unvalidated redirect issue that may allow a remote, unauthenticated attacker to phish a user into accessing an attacker controlled website via a crafted query parameter. | ||||
| CVE-2022-38201 | 1 Esri | 1 Arcgis Quickcapture | 2025-04-10 | 6.1 Medium |
| An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1. A remote, unauthenticated attacker can potentially induce an unsuspecting authenticated user to access an an attacker controlled domain. | ||||
| CVE-2022-38208 | 1 Esri | 1 Portal For Arcgis | 2025-04-10 | 6.1 Medium |
| There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks. | ||||
| CVE-2022-4720 | 1 Ikus-soft | 1 Rdiffweb | 2025-04-09 | 6.1 Medium |
| Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. | ||||
| CVE-2025-32693 | 2025-04-09 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPWebinarSystem WebinarPress allows Phishing. This issue affects WebinarPress: from n/a through 1.33.27. | ||||
| CVE-2025-32694 | 2025-04-09 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Rustaurius Ultimate WP Mail allows Phishing. This issue affects Ultimate WP Mail: from n/a through 1.3.2. | ||||
| CVE-2008-2052 | 1 Bitrix24 | 1 Bitrix Site Manager | 2025-04-09 | 6.1 Medium |
| Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter. | ||||
| CVE-2008-2951 | 2 Edgewall, Fedoraproject | 2 Trac, Fedora | 2025-04-09 | 6.1 Medium |
| Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function. | ||||
| CVE-2009-3832 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2025-04-09 | N/A |
| Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | ||||
| CVE-2008-1547 | 1 Microsoft | 1 Exchange Server | 2025-04-09 | N/A |
| Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. | ||||
| CVE-2017-20164 | 1 Symbiote | 1 Seed | 2025-04-08 | 6.3 Medium |
| A vulnerability was found in Symbiote Seed up to 6.0.2. It has been classified as critical. Affected is the function onBeforeSecurityLogin of the file code/extensions/SecurityLoginExtension.php of the component Login. The manipulation of the argument URL leads to open redirect. It is possible to launch the attack remotely. Upgrading to version 6.0.3 is able to address this issue. The patch is identified as b065ebd82da53009d273aa7e989191f701485244. It is recommended to upgrade the affected component. VDB-217626 is the identifier assigned to this vulnerability. | ||||
| CVE-2024-31253 | 1 Wp-oauth | 1 Wp Oauth Server | 2025-04-08 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through 4.3.3. | ||||
| CVE-2024-31282 | 1 Appcheap | 1 App Builder | 2025-04-08 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Appcheap.Io App Builder.This issue affects App Builder: from n/a through 3.8.7. | ||||
| CVE-2023-0042 | 1 Gitlab | 1 Gitlab | 2025-04-08 | 6.1 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols. | ||||