Total: 1047 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-45169 | 1 Liveboxcloud | 1 Vdesk | 2024-10-30 | 5.9 Medium |
An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site (Open Redirect) can occur under the /api/v1/notification/createnotification endpoint, allowing an authenticated user to send an arbitrary push notification to any other user of the system. This push notification can include an (invisible) clickable link. | ||||
CVE-2024-6149 | | | 2024-10-29 | N/A |
Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5 | ||||
CVE-2024-25676 | 1 Viewerjs | 1 Viewerjs | 2024-10-29 | 4.7 Medium |
An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading. | ||||
CVE-2024-50463 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2024-10-29 | 4.7 Medium |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Sunshine Sunshine Photo Cart. This issue affects Sunshine Photo Cart: from n/a through 3.2.9. | ||||
CVE-2024-0953 | 1 Mozilla | 1 Firefox | 2024-10-27 | 6.1 Medium |
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS < 129. | ||||
CVE-2017-3126 | 1 Fortinet | 2 Fortianalyzer Firmware, Fortimanager Firmware | 2024-10-25 | N/A |
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows an attacker to execute unauthorized code or commands via the next parameter. | ||||
CVE-2017-7343 | 1 Fortinet | 1 Fortiportal | 2024-10-25 | N/A |
An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows an attacker to execute unauthorized code or commands via the url parameter. | ||||
CVE-2018-1355 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2024-10-25 | N/A |
An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows an attacker to inject script code while converting an HTML table to a PDF document under the FortiView feature. An attacker may be able to social engineer an authenticated user into generating a PDF file containing injected malicious URLs. | ||||
CVE-2018-13384 | 1 Fortinet | 1 Fortios | 2024-10-25 | N/A |
A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains. | ||||
CVE-2019-6696 | 1 Fortinet | 1 Fortios | 2024-10-25 | 6.1 Medium |
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform a URL redirect attack via a specifically crafted request to the admin initial password change webpage. | ||||
CVE-2021-43064 | 1 Fortinet | 1 Fortiweb | 2024-10-25 | 4.3 Medium |
A URL redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows an attacker to use the device as a proxy and reach external or protected hosts via redirection handlers. | ||||
CVE-2021-36191 | 1 Fortinet | 1 Fortiweb | 2024-10-25 | 4.1 Medium |
A URL redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an attacker to use the device as a proxy via crafted GET parameters in requests to error handlers. | ||||
CVE-2024-49682 | | | 2024-10-25 | 4.7 Medium |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple Membership allows Phishing. This issue affects Simple Membership: from n/a through 4.5.3. | ||||
CVE-2021-39425 | 1 Seeddms | 1 Seeddms | 2024-10-24 | 6.1 Medium |
SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users into clicking on crafted links. | ||||
CVE-2023-37624 | 1 Netdisco | 1 Netdisco | 2024-10-23 | 6.1 Medium |
Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users into clicking on crafted links. | ||||
CVE-2024-46326 | 1 Pkp | 1 Pkb-lib | 2024-10-23 | 6.1 Medium |
Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to Open redirect due to a lack of input sanitization in the logout function. | ||||
CVE-2021-36580 | 1 Icewarp | 2 Icewarp Server, Mail Server | 2024-10-23 | 6.1 Medium |
Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter. | ||||
CVE-2023-22641 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-10-22 | 4.1 Medium |
A URL redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests. | ||||
CVE-2022-43950 | 1 Fortinet | 2 Fortinac, Fortinac-f | 2024-10-22 | 3.9 Low |
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL. | ||||
CVE-2023-35791 | 1 Vound-software | 1 Intella Connect | 2024-10-22 | 6.1 Medium |
Vound Intella Connect 2.6.0.3 has an Open Redirect vulnerability. |