Falhas do tipo CWE-601

993 resultados
CVE-2022-31735OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). When accessing an EPSS 0.4%CVE-2023-6812MEDIUMWP Compress – Image Optimizer [All-In-One] <= 6.20.01 - Open Redirect via cssEPSS 0.4%CVE-2025-30781MEDIUMWordPress Scheduled & Automatic Order Status Controller for WooCommerce plugin <= 3.7.1 - Open Redirection VulnerabilityEPSS 0.4%CVE-2024-54050MEDIUMAdobe Connect | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601)EPSS 0.4%CVE-2022-45413MEDIUMUsing the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookEPSS 0.4%CVE-2024-54051MEDIUMAdobe Connect | URL Redirection to Untrusted Site ('Open Redirect') (CWE-601)EPSS 0.4%CVE-2022-28977MEDIUMHtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 EPSS 0.4%CVE-2023-6545MEDIUMBeckhoff: Open redirect in TwinCAT/BSD package authelia-bhfEPSS 0.4%CVE-2022-4946MEDIUMFrontend Post WordPress Plugin <= 2.8.4 - Contributor+ Arbitrary RedirectEPSS 0.4%CVE-2026-3872HIGHKeycloak: keycloak: information disclosure due to redirect_uri validation bypassEPSS 0.4%CVE-2016-15030LOWArno0x TwoFactorAuth login.php redirectEPSS 0.4%CVE-2022-41215MEDIUMSAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URLEPSS 0.4%CVE-2025-57800HIGHAudiobookshelf vulnerable to OIDC token exfiltration and account takeoverEPSS 0.4%CVE-2025-46826LOWinsa-auth Open-Redirect on provided CAS server login endpointEPSS 0.4%CVE-2022-3797MEDIUMeolinker apinto-dashboard login redirectEPSS 0.4%CVE-2023-28069MEDIUM Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. A remote unauthenticated attacker can phish the legitimate EPSS 0.4%CVE-2026-33506HIGHDOM-Based XSS in Ory Polis Login PageEPSS 0.4%CVE-2026-28681HIGHIRRd: web UI host header injection allows password reset poisoning via attacker-controlled email linksEPSS 0.4%CVE-2022-0637MEDIUMopen redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6EPSS 0.4%CVE-2025-40630MEDIUMOpen redirection vulnerability in IceWarp Mail ServerEPSS 0.4%