Falhas do tipo CWE-601

987 resultados
CVE-2025-4123HIGHA cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attaEPSS 94.7%CVE-2021-22881The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted `HosEPSS 87.3%CVE-2022-45402MEDIUMApache Airflow: Open redirect during loginEPSS 81.8%CVE-2019-10098In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by enEPSS 74.0%CVE-2020-8143An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attackerEPSS 70.4%CVE-2021-22873Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php deliEPSS 66.1%CVE-2021-28125Apache Superset Open RedirectEPSS 63.8%CVE-2020-1927In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by enEPSS 56.7%CVE-2023-32068MEDIUMURL Redirection to Untrusted Site in XWikiEPSS 55.1%CVE-2022-1058HIGHOpen Redirect on login in go-gitea/giteaEPSS 53.2%CVE-2025-6023HIGHAn open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introdEPSS 37.6%CVE-2023-5375MEDIUMOpen Redirect in mosparo/mosparoEPSS 33.6%CVE-2023-33405MEDIUMBlogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect.EPSS 31.3%CVE-2024-5936MEDIUMOpen Redirect in imartinez/privategptEPSS 28.9%CVE-2021-3654A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desiEPSS 27.5%CVE-2021-29622MEDIUMArbitrary redirects under /new endpointEPSS 19.6%CVE-2019-3778Open Redirect in spring-security-oauth2EPSS 15.6%CVE-2021-20031A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary wEPSS 13.0%CVE-2019-1943MEDIUMCisco Small Business Series Switches Open Redirect VulnerabilityEPSS 10.5%CVE-2025-3155HIGHYelp: arbitrary file readEPSS 10.3%