CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')) — Vulnerability Class 712

712 vulnerabilities classified as CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33102 | Microsoft 365 Copilot Elevation of Privilege Vulnerability — Microsoft 365 Copilot | 9.3 | Critical | 2026-04-23 |
| CVE-2026-41126 | BigBlueButton has Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL" — bigbluebutton | 4.3 | Medium | 2026-04-21 |
| CVE-2026-40905 | LinkAce: Password Reset Poisoning via X-Forwarded-Host Header Injection Leading to Account Takeover — LinkAce | 8.1 | High | 2026-04-21 |
| CVE-2026-40299 | next-intl has an open redirect vulnerability — next-intl | 6.1 (AI) | Medium (AI) | 2026-04-17 |
| CVE-2026-40255 | @adonisjs/http-server has an Open Redirect vulnerability — http-server | 6.1 | Medium | 2026-04-16 |
| CVE-2026-20060 | Cisco Unity Connection Open Redirect Vulnerability — Cisco Unity Connection | 4.7 | Medium | 2026-04-15 |
| CVE-2026-21741 | Fortinet FortiNAC-F Input Validation Error Vulnerability — FortiNAC-F | 2.2 | Low | 2026-04-14 |
| CVE-2026-34257 | Open Redirect vulnerability in SAP NetWeaver Application Server ABAP — SAP NetWeaver Application Server ABAP | 6.1 | Medium | 2026-04-14 |
| CVE-2026-6203 | User Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' Parameter — User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | 6.1 | Medium | 2026-04-13 |
| CVE-2026-39940 | ChurchCRM has an Open Redirect via the ‘linkBack’ URL Parameter in DonatedItemEditor.php — CRM | 5.4 | - | 2026-04-13 |
| CVE-2026-32932 | Chamilo LMS has an Open Redirect via Unvalidated 'page' Parameter in Session Course Edit — chamilo-lms | 4.7 | Medium | 2026-04-10 |
| CVE-2025-66447 | Chamilo LMS has validation-less redirect on login page — chamilo-lms | - | - | 2026-04-10 |
| CVE-2026-22560 | Rocket.Chat Security Vulnerability — Rocket.Chat | 6.1 | - | 2026-04-10 |
| CVE-2026-25854 | Apache Tomcat: Occasionally open redirect — Apache Tomcat | 6.1 (AI) | Medium (AI) | 2026-04-09 |
| CVE-2026-39985 | LORIS has an open redirect field on login — Loris | 4.3 | Medium | 2026-04-09 |
| CVE-2026-40037 | OpenClaw < 2026.3.31 - Unsafe Request Body Replay via fetchWithSsrFGuard Cross-Origin Redirects — OpenClaw | 6.5 | Medium | 2026-04-08 |
| CVE-2026-39484 | WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability — Hide My WP Ghost | 6.1 (AI) | Medium (AI) | 2026-04-08 |
| CVE-2026-35411 | Directus is an Open Redirect in Admin 2FA Setup Page — directus | 4.3 | Medium | 2026-04-06 |
| CVE-2026-35404 | Open edX Platform has an Open Redirect in Survey Views via Unvalidated redirect_url Parameter — openedx-platform | 4.7 | Medium | 2026-04-06 |
| CVE-2026-35475 | WeGIA - Open Redirect - backup redirection — Unvalidated $_GET['redirect'] — WeGIA | 6.1 (AI) | Medium (AI) | 2026-04-06 |
| CVE-2026-35474 | WeGIA - Open Redirect - atualizacao redirection - Unvalidated $_GET['redirect'] — WeGIA | 6.1 (AI) | Medium (AI) | 2026-04-06 |
| CVE-2026-35473 | WeGIA - Open Redirect - IentradaControle - listarId() - Unvalidated $_GET['nextPage'] — WeGIA | 6.1 (AI) | Medium (AI) | 2026-04-06 |
| CVE-2026-35472 | WeGIA - Open Redirect - EstoqueControle - listarTodos() - Unvalidated $_GET['nextPage'] — WeGIA | 6.1 (AI) | Medium (AI) | 2026-04-06 |
| CVE-2026-35398 | WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage'] — WeGIA | 6.1 (AI) | Medium (AI) | 2026-04-06 |
| CVE-2026-35396 | WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage'] — WeGIA | 6.1 (AI) | Medium (AI) | 2026-04-06 |
| CVE-2018-25245 | 7 Tik 1.0.1.0 Denial of Service via Search — 7 Tik | 7.5 | High | 2026-04-04 |
| CVE-2026-33709 | JupyterHub has an Open Redirect Vulnerability — jupyterhub | 6.1 (AI) | Medium (AI) | 2026-04-03 |
| CVE-2026-5467 | Casdoor OAuth Authorization Request redirect — Casdoor | 4.3 | Medium | 2026-04-03 |
| CVE-2026-34931 | hoppscotch: Improper loopback redirect_uri validation in device-login flow — hoppscotch | 6.1 (AI) | Medium (AI) | 2026-04-02 |
| CVE-2026-34847 | hoppscotch: Open redirect via `/enter?redirect=` — hoppscotch | 4.7 | Medium | 2026-04-02 |

Vulnerabilities classified as CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')) represent 712 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.