CWE · MITRE source
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (2) AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| AT-2 | Literacy Training and Awareness | AT | Security awareness includes verifying URLs and avoiding untrusted redirects that lead to malicious sites. |
| SI-10 | Information Input Validation | SI | Validates redirect targets and URLs to ensure they conform to allowed destinations. |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2016-5385 | 6.5 | 8.1 | 0.8135 | 2016-07-19 |
| CVE-2021-29622 | 6.5 | 6.5 | 0.8666 | 2021-05-19 |
| CVE-2021-3654 | 6.5 | 6.1 | 0.8837 | 2022-03-02 |
| CVE-2017-1000117 | 6.3 | 8.8 | 0.7643 | 2017-10-05 |
| CVE-2019-10098 | 5.9 | 6.1 | 0.7740 | 2019-09-25 |
| CVE-2018-11784 | 5.8 | 4.3 | 0.8262 | 2018-10-04 |
| CVE-2020-15129 | 5.8 | 6.1 | 0.7684 | 2020-07-30 |
| CVE-2020-11529 | 5.4 | 6.1 | 0.7030 | 2020-04-04 |
| CVE-2022-40083 | 5.4 | 9.6 | 0.5877 | 2022-09-28 |
| CVE-2020-24550 | 5.2 | 6.1 | 0.6589 | 2021-03-31 |
| CVE-2024-22243 | 5.2 | 8.1 | 0.5959 | 2024-02-23 |
| CVE-2023-32068 | 5.0 | 4.7 | 0.6710 | 2023-05-15 |
| CVE-2024-22259 | 5.0 | 8.1 | 0.5639 | 2024-03-16 |
| CVE-2019-7275 | 4.8 | 6.1 | 0.5982 | 2019-07-01 |
| CVE-2023-24044 | 4.8 | 6.1 | 0.5915 | 2023-01-22 |
| CVE-2020-11034 | 4.7 | 6.1 | 0.5871 | 2020-05-05 |
| CVE-2024-1183 | 4.6 | 6.5 | 0.5505 | 2024-04-16 |
| CVE-2005-0420 | 4.5 | 0.0 | 0.7471 | 2005-04-27 |
| CVE-2020-8559 | 4.4 | 6.4 | 0.5120 | 2020-07-22 |
| CVE-2021-46379 | 4.4 | 6.1 | 0.5224 | 2022-03-04 |
| CVE-2023-6389 | 4.4 | 6.1 | 0.5252 | 2024-01-29 |
| CVE-2023-33405 | 4.3 | 6.1 | 0.5140 | 2023-06-21 |
| CVE-2024-22891 | 4.3 | 9.8 | 0.3943 | 2024-03-01 |
| CVE-2012-0518 KEV | 4.2 | 4.7 | 0.2090 | 2012-10-16 |
| CVE-2022-0165 | 4.2 | 6.1 | 0.4904 | 2022-03-14 |