Total
1515 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1279 | 1 Gitlab | 1 Gitlab | 2026-06-17 | N/A | 2.6 LOW |
| An issue has been discovered in GitLab affecting all versions starting from 4.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 where it was possible to create a URL that would redirect to a different project. | |||||
| CVE-2023-0748 | 1 Btcpayserver | 1 Btcpayserver | 2026-06-17 | N/A | 6.4 MEDIUM |
| Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6. | |||||
| CVE-2023-0681 | 1 Rapid7 | 1 Insightvm | 2026-06-17 | N/A | 4.3 MEDIUM |
| Rapid7 InsightVM versions 6.6.178 and lower suffers from an open redirect vulnerability, whereby an attacker has the ability to redirect the user to a site of the attacker’s choice using the ‘page’ parameter of the ‘data/console/redirect’ component of the application. This issue was resolved in the February, 2023 release of version 6.6.179. | |||||
| CVE-2023-0155 | 1 Gitlab | 1 Gitlab | 2026-06-17 | N/A | 5.4 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions before 15.8.5, 15.9.4, 15.10.1. Open redirects was possible due to framing arbitrary content on any page allowing user controlled markdown | |||||
| CVE-2023-0042 | 1 Gitlab | 1 Gitlab | 2026-06-17 | N/A | 6.1 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols. | |||||
| CVE-2022-4946 | 1 Accesspressthemes | 1 Frontend Post Wordpress Plugin | 2026-06-17 | N/A | 5.4 MEDIUM |
| The Frontend Post WordPress Plugin WordPress plugin through 2.8.4 does not validate an attribute of one of its shortcode, which could allow users with a role as low as contributor to add a malicious shortcode to a page/post, which will redirect users to an arbitrary domain. | |||||
| CVE-2022-4720 | 1 Ikus-soft | 1 Rdiffweb | 2026-06-17 | N/A | 6.1 MEDIUM |
| Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. | |||||
| CVE-2022-4644 | 1 Ikus-soft | 1 Rdiffweb | 2026-06-17 | N/A | 6.1 MEDIUM |
| Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. | |||||
| CVE-2022-4589 | 1 Django Terms And Conditions Project | 1 Django Terms And Conditions | 2026-06-17 | N/A | 5.5 MEDIUM |
| A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.9 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 2.0.10 is able to address this issue. The name of the patch is 03396a1c2e0af95e12a45c5faef7e47a4b513e1a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216175. | |||||
| CVE-2022-4317 | 1 Gitlab | 1 Dynamic Application Security Testing Analyzer | 2026-06-17 | N/A | 5.0 MEDIUM |
| An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects. | |||||
| CVE-2022-48358 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 7.4 HIGH |
| The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this vulnerability by a malicious app can cause service exceptions. | |||||
| CVE-2022-47500 | 1 Apache | 1 Helix | 2026-06-17 | N/A | 6.1 MEDIUM |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Software Foundation Apache Helix UI component.This issue affects Apache Helix all releases from 0.8.0 to 1.0.4. Solution: removed the the forward component since it was improper designed for UI embedding. User please upgrade to 1.1.0 to fix this issue. | |||||
| CVE-2022-46886 | 1 Servicenow | 1 Servicenow | 2026-06-17 | N/A | 5.5 MEDIUM |
| There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain. | |||||
| CVE-2022-46784 | 1 Squaredup | 1 Dashboard Server | 2026-06-17 | N/A | 6.1 MEDIUM |
| SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows open redirection. (The issue was originally found in 5.5.1 GA.) | |||||
| CVE-2022-46683 | 1 Jenkins | 1 Google Login | 2026-06-17 | N/A | 6.1 MEDIUM |
| Jenkins Google Login Plugin 1.4 through 1.6 (both inclusive) improperly determines that a redirect URL after login is legitimately pointing to Jenkins. | |||||
| CVE-2022-46407 | 1 Ericsson | 1 Network Manager | 2026-06-17 | N/A | 4.8 MEDIUM |
| Ericsson Network Manager (ENM), versions prior to 22.2, contains a vulnerability in the REST endpoint “editprofile” where Open Redirect HTTP Header Injection can lead to redirection of the submitted request to domain out of control of ENM deployment. The attacker would need admin/elevated access to exploit the vulnerability | |||||
| CVE-2022-46288 | 1 Jacic | 1 Electronic Bidding Core System | 2026-06-17 | N/A | 6.1 MEDIUM |
| Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. | |||||
| CVE-2022-45917 | 1 Ilias | 1 Ilias | 2026-06-17 | N/A | 6.1 MEDIUM |
| ILIAS before 7.16 has an Open Redirect. | |||||
| CVE-2022-45582 | 1 Openstack | 1 Horizon | 2026-06-17 | N/A | 6.1 MEDIUM |
| Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter. | |||||
| CVE-2022-45413 | 2 Google, Mozilla | 2 Android, Firefox | 2026-06-17 | N/A | 6.1 MEDIUM |
| Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107. | |||||