Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-601 (指向未可信站点的URL重定向(开放重定向)) — Vulnerability Class 712

712 vulnerabilities classified as CWE-601 (指向未可信站点的URL重定向(开放重定向)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-13819 Open redirect in web server of MiR robots and MiR fleet — Robot 6.1 Medium2025-12-01
CVE-2025-66062 WordPress WP YouTube Lyte plugin <= 1.7.28 - Open Redirection vulnerability — WP YouTube Lyte 3.4 Low2025-11-21
CVE-2024-8527 ALC WebCTRL Carrier i-Vu Open Redirect via URL parameter — WebCtrl 6.1AIMediumAI2025-11-19
CVE-2025-40545 SolarWinds Observability Self-Hosted Open Redirection Vulnerability — SolarWinds Observability Self-Hosted 4.8 Medium2025-11-18
CVE-2025-64754 Jitsi Meet has DOM Redirect on Microsoft OAuth Flow — jitsi-meet 8.2 -2025-11-13
CVE-2025-20355 Cisco Catalyst Center Software HTTP Open Redirect Vulnerability — Cisco Digital Network Architecture Center (DNA Center) 4.7 Medium2025-11-13
CVE-2025-20378 Open Redirect on Web Login endpoint in Splunk Enterprise — Splunk Enterprise 3.1 Low2025-11-12
CVE-2025-42924 Open Redirect vulnerabilities in SAP S/4HANA landscape (SAP E-Recruiting BSP) — SAP S/4HANA landscape (SAP E-Recruiting BSP) 6.1 Medium2025-11-11
CVE-2025-42893 Open Redirect vulnerability in SAP Business Connector — SAP Business Connector 6.1 Medium2025-11-11
CVE-2025-64481 Open redirect endpoint in Datasette — datasette 6.1 -2025-11-07
CVE-2025-12789 Rhsso: open redirect — Red Hat Single Sign-On 7 6.1 Medium2025-11-06
CVE-2025-64115 Movary unvalidated Referer header allows open redirect and phishing — movary 6.1AIMediumAI2025-10-30
CVE-2025-62266 Liferay Portal和Liferay DXP 安全漏洞 — Portal 6.1AIMediumAI2025-10-30
CVE-2025-64116 Movary vulnerable to an open redirect — movary 6.1AIMediumAI2025-10-30
CVE-2025-64101 ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection — zitadel 8.1 High2025-10-29
CVE-2025-62253 Liferay Portal和Liferay DXP 安全漏洞 — Portal 6.1AIMediumAI2025-10-27
CVE-2025-62981 WordPress WP Gravity Forms Zoho CRM and Bigin plugin <= 1.2.8 - Open Redirection vulnerability — WP Gravity Forms Zoho CRM and Bigin 4.7 Medium2025-10-27
CVE-2025-10355 Open redirection vulnerability in MOLGENIS EMX2 — MOLGENIS EMX2 6.1AIMediumAI2025-10-23
CVE-2025-60151 WordPress WP Gravity Forms HubSpot Plugin <= 1.2.5 - Open Redirection Vulnerability — WP Gravity Forms HubSpot 6.1AIMediumAI2025-10-22
CVE-2025-62595 Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic — koa 4.3 Medium2025-10-21
CVE-2025-62428 Drawing-Captcha APP Host Header Injection in `/register` and `/confirm-email` Endpoints — Drawing-Captcha-APP 6.1AIMediumAI2025-10-16
CVE-2025-62407 Frappe has an Open Redirect on Login Page — frappe 6.1 Medium2025-10-16
CVE-2025-62379 Open Redirect in reflex-dev/reflex — reflex 3.1 Low2025-10-15
CVE-2025-54196 Adobe Connect | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601) — Adobe Connect 3.1 Low2025-10-14
CVE-2025-47890 Fortinet多款产品 输入验证错误漏洞 — FortiSASE 2.5 Low2025-10-14
CVE-2025-62361 WeGIA Open Redirect Vulnerability in `control.php` endpoint `nextPage` parameter (metodo=listarTodos nomeClasse=AlmoxarifeControle) — WeGIA 6.1AIMediumAI2025-10-13
CVE-2025-11167 CM Registration – Tailored tool for seamless login and invitation-based registrations <= 2.5.6 - Open Redirect — CM Registration – Tailored tool for seamless login and invitation-based registrations 4.7 Medium2025-10-11
CVE-2025-35059 Newforma Info Exchange (NIX) open URL redirect via /DownloadWeb/hyperlinkredirect.aspx — Project Center 4.3 Medium2025-10-09
CVE-2025-0608 Open Redirect in Logo Software's Logo Cloud — Logo Cloud 5.5 Medium2025-10-06
CVE-2025-61606 WeGIA: Open Redirect Vulnerability in `control.php` endpoint — WeGIA 6.1 -2025-10-02

Vulnerabilities classified as CWE-601 (指向未可信站点的URL重定向(开放重定向)) represent 712 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.