CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')) — Vulnerability Class 712

712 vulnerabilities classified as CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-27184 | [20240801] - Core - Inadequate validation of internal URLs — Joomla! CMS | 5.4 AI | Medium AI | 2024-08-20 |
| CVE-2024-6377 | URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x — 3DSwymer | 8.1 | High | 2024-08-20 |
| CVE-2024-43280 | WordPress Salon Booking System plugin <= 10.8.1 - Open Redirection vulnerability — Salon booking system | 4.7 | Medium | 2024-08-19 |
| CVE-2024-43236 | WordPress Easy PayPal & Stripe Buy Now Button plugin <= 1.9 - Open Redirection vulnerability — Easy PayPal Buy Now Button | 4.7 | Medium | 2024-08-19 |
| CVE-2024-7902 | pkp ojs signOut redirect — ojs | 4.3 | Medium | 2024-08-17 |
| CVE-2024-42353 | WebOb's location header normalization during redirect leads to open redirect — webob | 6.1 | Medium | 2024-08-14 |
| CVE-2024-38211 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability — Microsoft Dynamics 365 (on-premises) version 9.1 | 8.2 | High | 2024-08-13 |
| CVE-2024-41955 | Mobile Security Framework (MobSF) has an Open Redirect in Login Redirect — Mobile-Security-Framework-MobSF | 5.2 | Medium | 2024-07-31 |
| CVE-2024-39694 | Duende IdentityServer Open Redirect vulnerability — IdentityServer | 4.7 | Medium | 2024-07-31 |
| CVE-2024-41801 | OpenProject packaged installation has Open Redirect Vulnerability in Sign-In in default configuration — openproject | 4.7 | Medium | 2024-07-25 |
| CVE-2024-20400 | Cisco Expressway Series security vulnerability — Cisco TelePresence Video Communication Server (VCS) Expressway | 4.7 | Medium | 2024-07-17 |
| CVE-2024-4882 | URL Redirection to Arbitrary Site Exists in Sitefinity — Sitefinity | 6.1 AI | Medium AI | 2024-07-08 |
| CVE-2024-37234 | WordPress Academy LMS plugin <= 2.0.4 - Open Redirection vulnerability — Academy LMS | 3.5 | Low | 2024-07-06 |
| CVE-2024-5936 | Open Redirect in imartinez/privategpt — imartinez/privategpt | 6.1 AI | Medium AI | 2024-06-27 |
| CVE-2024-4604 | Open Redirect in Magarsus Consultancy's SSO — SSO (Single Sign On) | 6.1 | Medium | 2024-06-26 |
| CVE-2024-37141 | Dell PowerProtect Data Domain input validation error vulnerability — PowerProtect DD | 3.5 | Low | 2024-06-26 |
| CVE-2024-24764 | October Open Redirect for Administrator Accounts — october | 3.5 | Low | 2024-06-26 |
| CVE-2024-4940 | Open Redirect in gradio-app/gradio — gradio-app/gradio | 6.1 | - | 2024-06-22 |
| CVE-2024-3597 | Export WP Page to Static HTML/CSS <= 2.2.2 - Open Redirect — Export WordPress Pages to Static HTML & PDF — Static Site Export | 7.1 | High | 2024-06-20 |
| CVE-2024-23442 | Kibana open redirect issue — Kibana | 6.1 | Medium | 2024-06-14 |
| CVE-2024-22244 | Harbor Open Redirect URL — Harbor | 4.3 | Medium | 2024-06-10 |
| CVE-2024-36419 | SuiteCRM-Core Host Header Injection in /legacy — SuiteCRM-Core | 4.3 | Medium | 2024-06-10 |
| CVE-2024-36406 | SuiteCRM vulnerable to open redirects — SuiteCRM | 5.4 | Medium | 2024-06-10 |
| CVE-2024-23664 | Fortinet FortiAuthenticator input validation error vulnerability — FortiAuthenticator | 5.8 | Medium | 2024-06-03 |
| CVE-2024-34071 | Open Redirect Bypass Protection — Umbraco-CMS | 6.1 | Medium | 2024-05-21 |
| CVE-2024-20369 | Cisco Crosswork Network Services Orchestrator security vulnerability — Cisco Network Services Orchestrator | 4.7 | Medium | 2024-05-15 |
| CVE-2023-6812 | WP Compress – Image Optimizer [All-In-One] <= 6.20.01 - Open Redirect via css — WP Compress – Instant Performance & Speed Optimization | 4.3 | Medium | 2024-05-14 |
| CVE-2024-34074 | Frappe vulnerable to an open redirect on login page — frappe | 6.1 | Medium | 2024-05-09 |
| CVE-2024-4133 | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.30 - Open Redirect — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | 6.1 | Medium | 2024-05-02 |
| CVE-2024-33930 | WordPress Share This Image plugin <= 1.97 - Open Redirection vulnerability — Share This Image | 4.7 | Medium | 2024-05-02 |

712 CVEs are classified as CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.