CWE-601: Open Redirect

This CVE describes an open redirect vulnerability in Kibana where attackers can craft malicious URLs that redirect users to arbitrary external website...

This CVE describes an open redirect vulnerability in Fortinet FortiAuthenticator that allows attackers to craft malicious URLs that redirect users to ...

CVE-2022-2237 is an open redirect vulnerability in Keycloak's Node.js adapter checkSso function. This allows attackers to redirect users to malicious ...

This CVE describes an open redirect vulnerability in Logo Software Inc.'s Logo Cloud platform that allows attackers to redirect users to malicious web...

OpenCTI versions before 6.8.3 contain an open redirect vulnerability in the SAML authentication callback endpoint. Attackers can manipulate the RelayS...

This CVE describes an open redirect vulnerability in Restajet Information Technologies' Online Food Delivery System that allows attackers to redirect ...

This vulnerability allows attackers to craft malicious URLs that redirect authenticated Taguette users to arbitrary external websites. It affects all ...

CVE-2025-44109 is an open redirect vulnerability in Pinokio v3.6.23 that allows attackers to redirect users to malicious websites. This affects all us...

An open redirection vulnerability in M-Files mobile applications allows attackers to craft malicious PDF files that trick users into visiting untruste...

An open redirection vulnerability in WSO2 products allows attackers to craft malicious authentication links that redirect users to attacker-controlled...

This vulnerability allows authenticated attackers in UJCMS 9.6.3 to create malicious block/carousel items that redirect users to attacker-controlled w...

SuiteCRM versions before 7.14.4 and 8.6.1 contain an open redirect vulnerability due to unchecked input. This allows attackers to redirect users to ma...

This vulnerability allows a low-privilege authenticated attacker to redirect users to malicious websites via an open redirect flaw in Adobe Experience...

This vulnerability allows low-privilege authenticated attackers in Adobe Experience Manager 6.5.15.0 and earlier to redirect users to malicious websit...

This vulnerability allows low-privilege authenticated attackers to create malicious links that redirect users to untrusted websites when clicked. It a...

This vulnerability allows low-privilege authenticated attackers to create malicious links that redirect Adobe Experience Manager users to untrusted we...

This vulnerability allows low-privilege authenticated attackers to create malicious links that redirect users to untrusted websites when clicked. It a...

This vulnerability allows low-privilege authenticated attackers to create malicious links that redirect Adobe Experience Manager users to untrusted we...

This vulnerability in Products.isurlinportal allows attackers to redirect users to external malicious websites after login by manipulating the 'came_f...

This vulnerability in curl allows OAuth2 bearer tokens to be incorrectly passed during cross-protocol redirects from HTTP(S) to IMAP, LDAP, POP3, or S...

An open redirect vulnerability in Volosoft ABP Framework's Account module allows attackers to redirect users to malicious external websites by manipul...

This CVE describes an intent redirection vulnerability in Reolink mobile app version 4.54.0.4.20250526 that allows attackers to bypass intended restri...

This CVE describes a vulnerability in urllib3 where disabling redirects at the PoolManager level fails to properly mitigate SSRF or open redirect atta...

This vulnerability in Firefox for Android allows attackers to spoof the address bar when redirecting to invalid protocol schemes, potentially tricking...

SolarWinds Observability Self-Hosted has an open redirection vulnerability where authenticated attackers can manipulate URLs to redirect users to mali...

SolarWinds Observability Self-Hosted has an open redirection vulnerability where attackers can manipulate URLs to redirect authenticated users to mali...

This vulnerability in TYPO3's URI parsing component allows attackers to bypass host validation checks when processing externally provided URLs. This c...

This CVE describes an open redirect vulnerability in the B2BKing Premium WordPress plugin that allows attackers to redirect users to malicious website...

An open redirect vulnerability in go-chi/chi's RedirectSlashes function allows attackers to craft URLs that appear legitimate but redirect users to ma...

The URL Shortify WordPress plugin contains an open redirect vulnerability that allows unauthenticated attackers to craft malicious links that redirect...

This CVE describes an open redirect vulnerability in web2py web framework. Attackers can craft malicious URLs that redirect users to arbitrary externa...

An open redirect vulnerability in SAP Supplier Relationship Management allows unauthenticated attackers to craft malicious URLs that redirect victims ...

This CVE describes an Open Redirect vulnerability in Kanboard versions 1.2.48 and below that allows attackers to redirect authenticated users to malic...

The Solutions Ad Manager WordPress plugin has an open redirect vulnerability that allows unauthenticated attackers to redirect users to malicious webs...

This CVE describes an open redirect vulnerability in the flexmls IDX WordPress plugin that allows attackers to redirect users to malicious websites. T...

An open redirect vulnerability in Cisco Catalyst Center Virtual Appliance's web management interface allows unauthenticated remote attackers to redire...

This CVE describes an open redirect vulnerability in the WP Gravity Forms HubSpot plugin for WordPress. Attackers can craft malicious URLs that redire...

This vulnerability allows unauthenticated attackers to redirect WordPress users to malicious websites by exploiting insufficient validation of the 're...

This CVE describes an open redirect vulnerability in the WP Gravity Forms Keap/Infusionsoft WordPress plugin that allows attackers to redirect users t...

This CVE describes an open redirect vulnerability in Pusula Communication's Manageable Email Sending System that allows attackers to redirect users to...

This CVE describes an open redirect vulnerability in the CRM Perks Connector for Gravity Forms and Google Sheets WordPress plugin. Attackers can craft...

An open redirect vulnerability in HotelRunner B2B allows attackers to redirect users to malicious websites by manipulating URLs. This affects HotelRun...

This vulnerability in DiracX-Web allows attackers to redirect authenticated users to malicious websites through an unvalidated redirect parameter. Att...

This CVE describes an Open Redirect vulnerability in WeGIA web management software where attackers can manipulate the 'nextPage' parameter in control....

This CVE describes an open redirect vulnerability in the Newspack Newsletters WordPress plugin that allows attackers to redirect users to malicious we...

This CVE describes an open redirect vulnerability in the WP Gravity Forms Salesforce plugin for WordPress. Attackers can craft malicious URLs that red...

This CVE describes an open redirect vulnerability in the 'Integrations of Zoho CRM with Elementor form' WordPress plugin. Attackers can craft maliciou...

This vulnerability allows attackers to redirect users from legitimate WooCommerce/Salesforce integration pages to malicious websites through crafted U...

This CVE describes an open redirect vulnerability in the Heateor Support Sassy Social Share WordPress plugin. Attackers can craft malicious URLs that ...

This CVE describes an open redirect vulnerability in the Fast eBay Listings WordPress plugin that allows attackers to redirect users to malicious webs...