Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying
In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed. This vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code include
In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console.
In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.
In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.
In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system.
The vulnerability exists in the EJBCA service, version 8.0 Enterprise. Not tested in higher versions. By modifying the ‘Host’ header in an HTTP request, it is possible to manipulate the generated link
The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP ad
The vulnerability exists in the EJBCA service, version 8.0 Enterprise. By making a small change to the PATH of the URL associated with the service, the server fails to find the requested file and redi
When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vuln
Open redirection vulnerability in MOLGENIS EMX2 v11.14.0. This vulnerability allows an attacker to create a malicious URL using a manipulated redirection parameter, potentially leading users to phishi
bunkerweb is an Open-source and next-generation Web Application Firewall (WAF). A open redirect vulnerability exists in the loading endpoint, allowing attackers to redirect authenticated users to arbi
An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A mali
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Metagauss EventPrime eventprime-event-calendar-management.This issue affects EventPrime: from n/a through <= 4.0.4.5.
A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/han
A vulnerability was determined in lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600. Affected by this vulnerability is the function redirectToLogin of the file AccessControlFilter.java of
Open redirection vulnerability due to insufficient validation of the X-Forwarded-Host HTTP header. An attacker could create manipulated links that, when opened by a victim, cause the victim to be redi
An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under
The mirror-registry doesn't properly sanitize the host header HTTP header in HTTP request received, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campa
Vulnerability in Altitude Authentication Service and Altitude Communication Server v8.5.3290.0 by Altitude, where manipulation of Host header in HTTP requests allows redirection to an arbitrary URL or
Page 1+ Next →