Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open redirect vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-42502
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions prior to 3.0.0.
Apache Superset
5.4
CVSSv3
CVE-2021-1218
A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote malicious user to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP reques...
Cisco Smart Software Manager On-prem
6.1
CVSSv3
CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request....
Cisco Hyperflex Hx Data Platform 5.0
Cisco Hyperflex Hx Data Platform 5.5
NA
CVE-2013-3446
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849.
Cisco Digital Media Manager -
6.1
CVSSv3
CVE-2017-6670
A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page, aka an Open Redirect issue. More Information: CSCvc54813. Known Affected Releases: 8.1(7)ER1.
Cisco Unified Communications Domain Manager 8.1\\(7\\)er1
6.1
CVSSv3
CVE-2020-3558
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of a...
Cisco Firepower Management Center
NA
CVE-2014-7294
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and previous versions for Ex Libris Patron Directory Services (PDS) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Nyu Opensso Integration
NA
CVE-2015-7823
Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 up to and including 8.2.41 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the link parameter.
Kentico Kentico Cms 8.2
5.4
CVSSv3
CVE-2018-15403
A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote malicious user to redirect a user to a maliciou...
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unity Connection 9.1\\(1\\)es23
Cisco Unified Communications Manager Im And Presence Service 10.5\\(2\\)
Cisco Unified Communications Manager Im And Presence Service 10.5\\(1\\)
Cisco Unified Communications Manager Im And Presence Service 12.0\\(1\\)
Cisco Unified Communications Manager Im And Presence Service 12.5\\(1\\)
Cisco Emergency Responder 11.5\\(4.59000.1\\)
Cisco Emergency Responder 12.5\\(0.98000.110\\)
Cisco Emergency Responder 12.0\\(1.40000.3\\)
5.4
CVSSv3
CVE-2023-0552
The Registration Forms WordPress plugin prior to 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability
Genetechsolutions Pie Register
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »