The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions.
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CWE-601 URL redirection to untrusted site ('open redirect')
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3
Sonarr – CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may al
An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.
A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument f_all/f_all404 results in cross site scripting.
Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, F
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain plain-text credentials used con
A URL redirection in lbry-desktop v0.53.9 allows attackers to redirect victim users to attacker-controlled pages.
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote authentic
A URL redirection in Pinokio v3.6.23 allows attackers to redirect victim users to attacker-controlled pages.
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect
An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user.
CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in fu
Open redirect vulnerability in page administration in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through upda
The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-cho
Page 1+ Next →