CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')) — Vulnerability Class 712

712 vulnerabilities classified as CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25392 | WordPress Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress plugin <= 1.4.0 - Open Redirection vulnerability — Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress | 4.7 | Medium | 2026-02-19 |
| CVE-2026-2709 | busy Callback app.js redirect — busy | 3.5 | Low | 2026-02-19 |
| CVE-2026-0573 | Improper Handling of HTTP Redirects vulnerability was identified in GitHub Enterprise Server that allowed leaking of authorization token and enabled remote code execution — Enterprise Server | 7.3 | - | 2026-02-18 |
| CVE-2026-1277 | URL Shortify <= 1.12.1 - Unauthenticated Open Redirect via 'redirect_to' Parameter — URL Shortify – Simple and Easy URL Shortener | 4.7 | Medium | 2026-02-18 |
| CVE-2026-1296 | Frontend Post Submission Manager Lite <= 1.2.7 - Unauthenticated Open Redirect via 'requested_page' Parameter — Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin | 6.1 | Medium | 2026-02-18 |
| CVE-2025-27900 | Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows — DB2 Recovery Expert for LUW | 6.8 | Medium | 2026-02-17 |
| CVE-2025-2418 | Open Redirect in TR7's Web Application Firewall — Web Application Firewall | 4.3 | Medium | 2026-02-16 |
| CVE-2026-26003 | FastGPT Plugin forwarding request is not authenticated, posing a serious risk of attack — FastGPT | 6.5 (AI) | Medium (AI) | 2026-02-10 |
| CVE-2026-25956 | Frappe Affected by XSS and Open Redirect in Sign Up — frappe | 6.1 | Medium | 2026-02-10 |
| CVE-2026-24328 | Open Redirection vulnerability in Business Server Pages Application (TAF_APPLAUNCHER) — Business Server Pages Application (TAF_APPLAUNCHER) | 6.1 | Medium | 2026-02-10 |
| CVE-2026-24323 | Multiple vulnerabilities in BSP Applications of SAP Document Management System — SAP Document Management System | 6.1 | Medium | 2026-02-10 |
| CVE-2026-0508 | Open Redirect vulnerability in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence Platform | 7.3 | High | 2026-02-10 |
| CVE-2026-0484 | Missing Authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA — SAP NetWeaver Application Server ABAP and SAP S/4HANA | 6.5 | Medium | 2026-02-10 |
| CVE-2025-66596 | Yokogawa FAST/TOOLS security vulnerability — FAST/TOOLS | 6.1 (AI) | Medium (AI) | 2026-02-09 |
| CVE-2026-2153 | mwielgoszewski doorman views.py is_safe_url redirect — doorman | 4.3 | Medium | 2026-02-08 |
| CVE-2026-25651 | client-certificate-auth has an Open Redirect via Host Header Injection in HTTP-to-HTTPS redirect — client-certificate-auth | 6.1 | Medium | 2026-02-06 |
| CVE-2026-1970 | Edimax BR-6258n formStaDrvSetup redirect — BR-6258n | 3.5 | Low | 2026-02-05 |
| CVE-2026-25198 | web2py input validation error vulnerability — web2py | 6.1 (AI) | Medium (AI) | 2026-02-05 |
| CVE-2026-20123 | Cisco Prime Infrastructure and Evolved Programmable Network Manager Open Redirect Vulnerability — Cisco Evolved Programmable Network Manager (EPNM) | 4.3 | Medium | 2026-02-04 |
| CVE-2026-25149 | Qwik City Open Redirect via fixTrailingSlash — qwik | 6.1 (AI) | Medium (AI) | 2026-02-03 |
| CVE-2026-24052 | Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains — claude-code | 7.5 (AI) | High (AI) | 2026-02-03 |
| CVE-2025-67852 | Moodle: moodle: open redirect vulnerability in oauth login flow allows redirection to malicious sites. | 3.5 | Low | 2026-02-03 |
| CVE-2026-24768 | NocoDB has Unvalidated Redirect in Login Flow via continueAfterSignIn Parameter — nocodb | 6.1 (AI) | Medium (AI) | 2026-01-28 |
| CVE-2026-1406 | lcg0124 BootDo Host Header AccessControlFilter.java redirectToLogin — BootDo | 3.5 | Low | 2026-01-25 |
| CVE-2025-68616 | WeasyPrint Vulnerable to Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect — WeasyPrint | 7.5 | High | 2026-01-19 |
| CVE-2026-23730 | WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=ProdutoControle) — WeGIA | 6.1 | - | 2026-01-16 |
| CVE-2026-23729 | WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarDescricao, nomeClasse=ProdutoControle) — WeGIA | 6.1 | - | 2026-01-16 |
| CVE-2026-23728 | WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=DestinoControle) — WeGIA | 6.1 | - | 2026-01-16 |
| CVE-2026-23727 | WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoSaidaControle) — WeGIA | 6.1 | - | 2026-01-16 |
| CVE-2026-23726 | WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoEntradaControle) — WeGIA | 6.1 | - | 2026-01-16 |

Vulnerabilities classified as CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')) represent 712 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.