Filtered by CWE-601
Total 1129 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-38998 1 Opnsense 1 Opnsense 2024-11-21 6.1 Medium
An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL.
CVE-2023-38574 1 I-pro 1 Video Insight 2024-11-21 6.1 Medium
Open redirect vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.
CVE-2023-38481 1 Crmperks 1 Integration For Woocommerce And Zoho Crm\, Books\, Invoice\, Inventory\, Bigin 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin.This issue affects Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin: from n/a before 1.3.7.
CVE-2023-38478 1 Crmperks 1 Integration For Woocommerce And Quickbooks 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and QuickBooks.This issue affects Integration for WooCommerce and QuickBooks: from n/a through 1.2.3.
CVE-2023-37982 1 Crmperks 1 Integration For Salesforce And Contact Form 7\, Wpforms\, Elementor\, Ninja Forms 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.3.3.
CVE-2023-37947 3 Jenkins, Jenkins Project, Redhat 3 Openshift Login, Jenkins Openshift Login Plugin, Ocp Tools 2024-11-21 6.1 Medium
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
CVE-2023-37624 1 Netdisco 1 Netdisco 2024-11-21 6.1 Medium
Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.
CVE-2023-37561 1 Elecom 8 Wrh-300wh-h, Wrh-300wh-h Firmware, Wtc-300hwh and 5 more 2024-11-21 6.1 Medium
Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12 and earlier, WTC-300HWH v1.09 and earlier, WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier.
CVE-2023-36085 1 Sisqualwfm 1 Sisqualwfm 2024-11-21 6.1 Medium
The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources.
CVE-2023-35948 1 Novu 1 Novu 2024-11-21 5.4 Medium
Novu provides an API for sending notifications through multiple channels. Versions prior to 0.16.0 contain an open redirect vulnerability in the "Sign In with GitHub" functionality of Novu's open-source repository. It could have allowed an attacker to force a victim into opening a malicious URL and thus, potentially log into the repository under the victim's account gaining full control of the account. This vulnerability only affected the Novu Cloud and Open-Source deployments if the user manually enabled the GitHub OAuth on their self-hosted instance of Novu. Users should upgrade to version 0.16.0 to receive a patch.
CVE-2023-35883 1 Magazine3 1 Core Web Vitals \& Pagespeed Booster 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magazine3 Core Web Vitals & PageSpeed Booster.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.12.
CVE-2023-35791 1 Vound-software 1 Intella Connect 2024-11-21 6.1 Medium
Vound Intella Connect 2.6.0.3 has an Open Redirect vulnerability.
CVE-2023-35171 1 Nextcloud 1 Nextcloud Server 2024-11-21 4.1 Medium
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. Starting in version 26.0.0 and prior to version 26.0.2, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an attacker's site. Nextcloud Server and Nextcloud Enterprise Server 26.0.2 contain a patch for this issue. No known workarounds are available.
CVE-2023-35029 1 Liferay 2 Dxp, Liferay Portal 2024-11-21 6.1 Medium
Open redirect vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.76, and Liferay DXP 7.4 update 70 through 76 allows remote attackers to redirect users to arbitrary external URLs via the `_com_liferay_layout_admin_web_portlet_GroupPagesPortlet_backURL` parameter.
CVE-2023-34917 1 Cms Project 1 Cms 2024-11-21 6.1 Medium
Fuge CMS v1.0 contains an Open Redirect vulnerability in member/RegisterAct.java.
CVE-2023-34916 1 Cms Project 1 Cms 2024-11-21 6.1 Medium
Fuge CMS v1.0 contains an Open Redirect vulnerability via /front/ProcessAct.java.
CVE-2023-34020 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3.
CVE-2023-32517 1 Ibericode 1 Mailchimp 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in PluginOps MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder.This issue affects MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder: from n/a through 4.0.9.3.
CVE-2023-32101 1 Pexlechris 1 Library Viewer 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pexle Chris Library Viewer.This issue affects Library Viewer: from n/a through 2.0.6.
CVE-2023-31237 1 Zephyr Project Manager Project 1 Zephyr Project Manager 2024-11-21 4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.9.