CVE-2023-39371
8.8HIGH
StarTrinity Softswitch version 2023-02-16 - Open Redirect (CWE-601)
StarTrinity Softswitch version 2023-02-16 - Open Redirect (CWE-601)
9/3/2023CWE-601, CWE-601
Tipo de Fraqueza
CWE-601
Open Redirect
Todas as vulnerabilidades CVE classificadas sob este tipo de fraqueza.
Ver no MITRE CWETotal CVEs
50
Críticos
0
No KEV
0
Com Exploits
0
CVE-2025-55060
6.1MEDIUM
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
12/29/2025CWE-601
CVE-2025-23183
6.1MEDIUM
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
5/22/2025CWE-601
CVE-2023-32218
6.1MEDIUM
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
5/30/2023CWE-601, CWE-601
CVE-2024-45247
6.1MEDIUM
Sonarr – CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Sonarr – CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
10/6/2024CWE-601
CVE-2024-42341
6.1MEDIUM
Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
9/8/2024CWE-601
CVE-2022-31735
6.1MEDIUM
OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). When accessing an affected server through some specially crafted URL, the user
OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). When accessing an affected server through some specially crafted URL, the user...
9/15/2022CWE-601, CWE-601
CVE-2023-32551
6.1MEDIUM
Landscape allowed URLs which caused open redirection.
Landscape allowed URLs which caused open redirection.
6/6/2023CWE-601, CWE-601
CVE-2017-5871
5.4MEDIUM
Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).
Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).
5/22/2019CWE-601
CVE-2022-45917
6.1MEDIUM
ILIAS before 7.16 has an Open Redirect.
ILIAS before 7.16 has an Open Redirect.
12/7/2022CWE-601, CWE-601
CVE-2021-3851
5.4MEDIUM
firefly-iii is vulnerable to URL Redirection to Untrusted Site
firefly-iii is vulnerable to URL Redirection to Untrusted Site
10/19/2021CWE-601, CWE-601
CVE-2022-39183
6.5MEDIUM
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors.
Moodle Plugin - SAML Auth may allow Open Redirect through unspecified vectors.
1/12/2023CWE-601, CWE-601
CVE-2021-3664
5.3MEDIUM
url-parse is vulnerable to URL Redirection to Untrusted Site
url-parse is vulnerable to URL Redirection to Untrusted Site
7/26/2021CWE-601, CWE-601
CVE-2021-3647
6.1MEDIUM
URI.js is vulnerable to URL Redirection to Untrusted Site
URI.js is vulnerable to URL Redirection to Untrusted Site
7/16/2021CWE-601, CWE-601
CVE-2024-21723
4.3MEDIUM
Inadequate parsing of URLs could result into an open redirect.
Inadequate parsing of URLs could result into an open redirect.
2/29/2024CWE-601, CWE-601
CVE-2023-3568
6.3MEDIUM
Open Redirect in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Open Redirect in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
7/10/2023CWE-601, CWE-601
CVE-2023-0748
6.4MEDIUM
Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.
2/8/2023CWE-601, CWE-601
CVE-2022-43950
4.3MEDIUM
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8....
5/3/2023CWE-601, CWE-601
CVE-2022-4720
6.1MEDIUM
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.
12/27/2022CWE-601, CWE-601
CVE-2022-0697
6.1MEDIUM
Open Redirect in GitHub repository archivy/archivy prior to 1.7.0.
Open Redirect in GitHub repository archivy/archivy prior to 1.7.0.
3/6/2022CWE-601, CWE-601
CVE-2023-3515
4.4MEDIUM
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.
7/5/2023CWE-601, CWE-601
CVE-2023-33405
6.1MEDIUM
Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect.
Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect.
6/21/2023CWE-601, CWE-601
CVE-2022-0869
6.1MEDIUM
Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3.
Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3.
3/6/2022CWE-601, CWE-601
CVE-2024-31135
6.1MEDIUM
In JetBrains TeamCity before 2024.03 open redirect was possible on the login page
In JetBrains TeamCity before 2024.03 open redirect was possible on the login page
3/28/2024CWE-601, CWE-601
CVE-2022-0637
6.1MEDIUM
open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6
open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6
2/16/2023CWE-601, CWE-601
CVE-2023-5986
8.2HIGH
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross site scripting attack. By providing a URL-encoded input attackers ca
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross site scripting attack. By providing a URL-encoded input attackers ca...
11/15/2023CWE-601, CWE-601
CVE-2022-0868
6.1MEDIUM
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10.
Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10.
3/6/2022CWE-601, CWE-601
CVE-2022-1058
6.1MEDIUM
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5.
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5.
3/24/2022CWE-601, CWE-601
CVE-2023-2000
5.4MEDIUM
Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website
Mattermost Desktop App fails to validate a mattermost server redirection and navigates to an arbitrary website
5/2/2023CWE-601, CWE-601
CVE-2024-25715
6.1MEDIUM
Glewlwyd SSO server 2.x through 2.7.6 allows open redirection via redirect_uri.
Glewlwyd SSO server 2.x through 2.7.6 allows open redirection via redirect_uri.
2/11/2024CWE-601, CWE-601
CVE-2020-21038
6.1MEDIUM
Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php.
Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php.
5/8/2023CWE-601, CWE-601
CVE-2023-27292
5.4MEDIUM
An open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters.
An open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters.
2/28/2023CWE-601, CWE-601
CVE-2022-38657
8.2HIGH
An open redirect to malicious sites can occur when accessing the "Feedback" action on the manager page.
An open redirect to malicious sites can occur when accessing the "Feedback" action on the manager page.
2/12/2023CWE-601, CWE-601
CVE-2022-37927
6.1MEDIUM
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Hewlett Packard Enterprise HPE OneView Global Dashboard (OVGD).
12/12/2022CWE-601, CWE-601
CVE-2021-22526
4.9MEDIUM
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
9/13/2021CWE-601, CWE-601
CVE-2020-7520
4.7MEDIUM
A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on the
A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on the...
7/23/2020CWE-601, CWE-601
CVE-2023-49394
6.1MEDIUM
Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly.
Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly.
1/10/2024CWE-601, CWE-601
CVE-2023-6552
6.1MEDIUM
Lack of "current" GET parameter validation during the action of changing a language leads to an open redirect vulnerability.
Lack of "current" GET parameter validation during the action of changing a language leads to an open redirect vulnerability.
1/8/2024CWE-601, CWE-601
CVE-2022-38662
6.1MEDIUM
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
12/19/2022CWE-601, CWE-601
CVE-2022-0645
6.1MEDIUM
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1.
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1.
4/19/2022CWE-601, CWE-601
CVE-2018-3743
6.1MEDIUM
Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server.
Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server.
6/1/2018CWE-601, CWE-601
CVE-2024-27184
6.1MEDIUM
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not..
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not..
8/20/2024CWE-601, CWE-601
CVE-2023-24445
6.1MEDIUM
Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
Jenkins OpenID Plugin 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins.
1/26/2023CWE-601, CWE-601
CVE-2017-1002150
6.1MEDIUM
python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection
python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection
9/14/2017CWE-601, CWE-601
CVE-2022-40754
6.1MEDIUM
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint.
In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint.
9/21/2022CWE-601, CWE-601
CVE-2022-26326
4.0MEDIUM
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
5/2/2022CWE-601, CWE-601
CVE-2024-37830
6.1MEDIUM
An issue in Outline <= v0.76.1 allows attackers to redirect a victim user to a malicious site via intercepting and changing the state cookie.
An issue in Outline <= v0.76.1 allows attackers to redirect a victim user to a malicious site via intercepting and changing the state cookie.
7/9/2024CWE-601, CWE-601
CVE-2024-22244
4.3MEDIUM
Open Redirect in Harbor <=v2.8.4, <=v2.9.2, and <=v2.10.0 may redirect a user to a malicious site.
Open Redirect in Harbor <=v2.8.4, <=v2.9.2, and <=v2.10.0 may redirect a user to a malicious site.
6/10/2024CWE-601, CWE-601
CVE-2024-24034
6.1MEDIUM
Setor Informatica S.I.L version 3.0 is vulnerable to Open Redirect via the hprinter parameter, allows remote attackers to execute arbitrary code.
Setor Informatica S.I.L version 3.0 is vulnerable to Open Redirect via the hprinter parameter, allows remote attackers to execute arbitrary code.
2/8/2024CWE-601, CWE-601
CVE-2024-24291
6.1MEDIUM
An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL.
An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL.
2/6/2024CWE-601, CWE-601
Mostrando 50 de many CVEs