Total: 1377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2025-15241 | | | 2025-12-31 | 4.0 MEDIUM | 3.5 LOW | A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended. |
| CVE-2023-53901 | Wbce | Wbce Cms | 2025-12-30 | N/A | 5.4 MEDIUM | WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests. |
| CVE-2025-52552 | Fastgpt | Fastgpt | 2025-12-29 | N/A | 6.1 MEDIUM | FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute parameter on the login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers to execute malicious JavaScript or redirect users to attacker-controlled sites. This issue has been patched in version 4.9.12. |
| CVE-2025-62690 | Mattermost | Mattermost Server | 2025-12-29 | N/A | 3.1 LOW | Mattermost versions 10.11.x <= 10.11.4 fail to validate redirect URLs on the /error page, which allows an attacker to redirect a victim to a malicious site via a crafted link opened in a new tab. |
| CVE-2025-64481 | | | 2025-12-26 | N/A | N/A | Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to https://example.com/foo/bar. This problem has been patched in both Datasette 0.65.2 and 1.0a21. To workaround this issue, if Datasette is running behind a proxy, that proxy could be configured to repl ... |
| CVE-2025-50182 | Python | Urllib3 | 2025-12-22 | N/A | 5.3 MEDIUM | urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodi ... |
| CVE-2025-50181 | Python | Urllib3 | 2025-12-22 | N/A | 5.3 MEDIUM | urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disables redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0. |
| CVE-2025-34440 | Wwbn | Avideo | 2025-12-19 | N/A | 6.1 MEDIUM | AVideo versions prior to 20.1 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users to external sites, facilitating phishing attacks. |
| CVE-2025-34439 | Wwbn | Avideo | 2025-12-19 | N/A | 6.1 MEDIUM | AVideo versions prior to 20.1 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parameter during user login. An attacker can craft a link to redirect users to arbitrary external sites, enabling phishing attacks. |
| CVE-2025-11222 | Linecorp | Central Dogma | 2025-12-19 | N/A | 6.1 MEDIUM | Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft. |
| CVE-2025-43526 | Apple | Macos, Safari | 2025-12-18 | N/A | 9.8 CRITICAL | This issue was addressed with improved URL validation. This issue is fixed in macOS Tahoe 26.2, Safari 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted. |
| CVE-2024-29041 | Openjsf | Express | 2025-12-18 | N/A | 6.1 MEDIUM | Express.js is a minimalist web framework for Node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redir ... |
| CVE-2021-28861 | Fedoraproject, Python | Fedora, Python | 2025-12-17 | N/A | 7.4 HIGH | Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path, which may lead to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." |
| CVE-2025-43795 | Liferay | Digital Experience Platform, Liferay Portal | 2025-12-16 | N/A | 6.1 MEDIUM | Open redirect vulnerability in the System Settings in Liferay Portal 7.1.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_configuration_admin_web_portlet_SystemSettingsPortlet_redirect parameter. Open redirect vulnerability in the Instance Settings in Liferay Portal 7.1.0 through 7.4.3.101, and Liferay DXP ... |
| CVE-2025-67502 | Taguette | Taguette | 2025-12-16 | N/A | 5.4 MEDIUM | Taguette is an open source qualitative research tool. In versions 1.5.1 and below, attackers can craft malicious URLs that redirect users to arbitrary external websites after authentication. The application accepts a user-controlled next parameter and uses it directly in HTTP redirects without any validation. This can be exploited for phishing attacks where victims believe they are interacting with a trusted Taguette instance but are redirected to a malicious site designed to steal credentials ... |
| CVE-2025-14451 | | | 2025-12-15 | N/A | 4.7 MEDIUM | The Solutions Ad Manager plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.0.0. This is due to insufficient validation on the redirect URL supplied via the 'sam-redirect-to' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. |
| CVE-2025-34504 | Kodcloud | Kodexplorer | 2025-12-15 | N/A | 6.1 MEDIUM | KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication. |
| CVE-2025-62253 | Liferay | Digital Experience Platform, Liferay Portal | 2025-12-12 | N/A | 6.1 MEDIUM | Open redirect vulnerability in page administration in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to redirect users to arbitrary external URLs via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_redirect parameter. |
| CVE-2025-43767 | Liferay | Digital Experience Platform, Liferay Portal | 2025-12-12 | N/A | 6.1 MEDIUM | Open Redirect vulnerability in the /c/portal/edit_info_item redirect parameter in Liferay Portal 7.4.3.86 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site. |
| CVE-2025-63784 | Onlook | Onlook | 2025-12-08 | N/A | 6.5 MEDIUM | An Open Redirect vulnerability exists in the OAuth callback handler in file onlook/apps/web/client/src/app/auth/callback/route.ts in Onlook web application 0.2.32. The vulnerability occurs because the application trusts the X-Forwarded-Host header value without proper validation when constructing a redirect URL. A remote attacker can send a manipulated X-Forwarded-Host header to redirect an authenticated user to an arbitrary external website under their control, which can be exploited for phishi ... |
| CVE-2025-64116 | Leepeuker | Movary | 2025-12-08 | N/A | 6.1 MEDIUM | Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect parameter without validation, allowing attackers to redirect authenticated users to arbitrary external sites. This vulnerability is fixed in 0.69.0. |
| CVE-2025-64115 | Leepeuker | Movary | 2025-12-08 | N/A | 6.1 MEDIUM | Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer header value directly for redirects in multiple settings endpoints, allowing a crafted link to cause an open redirect to an attacker-controlled site and facilitate phishing. This vulnerability is fixed in 0.69.0. |
| CVE-2025-58044 | Fit2cloud | Jumpserver | 2025-12-05 | N/A | 6.1 MEDIUM | JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.19 and v4.10.5, the /core/i18n// endpoint uses the Referer header as the redirection target without proper validation, which could lead to an Open Redirect vulnerability. This vulnerability is fixed in v3.10.19 and v4.10.5. |
| CVE-2025-20382 | Splunk | Splunk, Splunk Cloud Platform | 2025-12-05 | N/A | 3.5 LOW | In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a views dashboard with a custom background using the `data:image/png;base64` protocol that could potentially lead to an unvalidated redirect. This behavior circumvents the Splunk external URL warning mechanism by using a specially crafted URL, allowing f ... |
| CVE-2025-20378 | Splunk | Splunk, Splunk Cloud Platform | 2025-12-03 | N/A | 3.1 LOW | In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121, an unauthenticated attacker could craft a malicious URL using the `return_to` parameter of the Splunk Web login endpoint. When an authenticated user visits the malicious URL, it could cause an unvalidated redirect to an external malicious site. To be successful, the attacker has to trick the victim into initiating a request from their browser. The ... |
| CVE-2025-50736 | | | 2025-12-01 | N/A | 6.1 MEDIUM | An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradio_api endpoint. This vulnerability could be exploited for phishing attacks or to bypass security filters. |
| CVE-2025-13819 | | | 2025-12-01 | N/A | 6.1 MEDIUM | Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks. |
| CVE-2025-46553 | Misskey | Summaly | 2025-12-01 | N/A | 6.1 MEDIUM | @misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main `summaly` function causes the `allowRedirects` option to never be passed to any plugins, and as a result, it isn't enforced. Misskey will follow redirects, despite explicitly requesting not to. Version 5.2.1 contains a patch for the issue. |
| CVE-2025-54793 | Astro | Astro | 2025-11-25 | N/A | 6.1 MEDIUM | Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs such as https://mydomain.com//malicious-site.com/. This increases the risk of phishing and other social engineering attacks. This affects sites that use on-demand rendering (SSR) with the Node or Cloudf ... |
| CVE-2024-52003 | Traefik | Traefik | 2025-11-25 | N/A | 6.1 MEDIUM | Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. There is a vulnerability in Traefik that allows the client to provide the X-Forwarded-Prefix header from an untrusted source. This issue has been addressed in versions 2.11.14 and 3.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. |
| CVE-2025-40545 | Solarwinds | Observability Self-hosted | 2025-11-24 | N/A | 4.8 MEDIUM | SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required. |
| CVE-2025-63828 | Backdropcms | Backdrop Cms | 2025-11-24 | N/A | 6.1 MEDIUM | Host Header Injection vulnerability in Backdrop CMS 1.32.1 allows attackers to manipulate the Host header in password reset requests, leading to redirects to malicious domains and potential session hijacking via cookie injection. |
| CVE-2024-8527 | | | 2025-11-19 | N/A | N/A | Open Redirect in a URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0, 8.0, 8.5, 9.0 may allow attackers to exploit user sessions. |
| CVE-2024-13983 | Apple, Google | Iphone Os, Chrome | 2025-11-17 | N/A | 6.3 MEDIUM | Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a crafted QR code. (Chromium security severity: Low) |
| CVE-2025-64716 | | | 2025-11-14 | N/A | N/A | Anubis is a Web AI Firewall Utility that challenges users' connections in order to protect upstream resources from scraper bots. Prior to version 1.23.0, when using subrequest authentication, Anubis did not perform validation of the redirect URL and redirects the user to any URL scheme. While most modern browsers do not allow a redirect to `javascript:` URLs, it could still trigger dangerous behavior in some cases. Anybody with subrequest authentication may be affected. Version 1.23.0 contains a f ... |
| CVE-2025-20355 | | | 2025-11-14 | N/A | 4.7 MEDIUM | A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page. |
| CVE-2025-64754 | | | 2025-11-14 | N/A | N/A | Jitsi Meet is an open source video conferencing application. A vulnerability present in versions prior to 2.0.10532 allows attackers to hijack the OAuth authentication window for Microsoft accounts. This is fixed in version 2.0.10532. No known workarounds are available. |
| CVE-2025-1300 | Ericsson | Codechecker | 2025-11-14 | N/A | 6.1 MEDIUM | CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway. This issue affects CodeChecker: through 6.24.5. |
| CVE-2025-26394 | Solarwinds | Observability Self-hosted | 2025-11-12 | N/A | 4.8 MEDIUM | SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required. |
| CVE-2025-12789 | | | 2025-11-12 | N/A | 6.1 MEDIUM | A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri parameter associated with the openid-connect logout protocol does not properly validate the provided URL. |