• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-601

CVE-2022-39021

February 23, 2023 by godfreyd94

U-Office Force login function has an Open Redirect vulnerability. An unauthenticated remote attacker can exploit this vulnerability to redirect user to arbitrary website.

CVE-2022-38657

February 23, 2023 by godfreyd94

An open redirect to malicious sites can occur when accessing the “Feedback” action on the manager page.

CVE-2022-38662

February 23, 2023 by godfreyd94

In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.

CVE-2022-38197

February 23, 2023 by godfreyd94

Esri ArcGIS Server versions 10.9.1 and below have an unvalidated redirect issue that may allow a remote, unauthenticated attacker to phish a user into accessing an attacker controlled website via a crafted query parameter.

CVE-2022-38201

February 23, 2023 by godfreyd94

An unvalidated redirect vulnerability exists in Esri Portal for ArcGIS Quick Capture Web Designer versions 10.8.1 to 10.9.1. A remote, unauthenticated attacker can potentially induce an unsuspecting authenticated user to access an an attacker controlled domain.

CVE-2022-38208

February 23, 2023 by godfreyd94

There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 73
  • Go to page 74
  • Go to page 75
  • Go to page 76
  • Go to page 77
  • Interim pages omitted …
  • Go to page 92
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE