映射到 CWE-601 的搜索结果 (17)
[原文]The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users to arbitrary websites.
[原文]IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236.
[原文]Jive before 2016.3.1 has an open redirect from the external-link.jspa page.
[原文]Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter.
[原文]An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be provided as redirection target. Users can be tricked to follow a link to a trustworthy domain but end up at an unexpected service later on. This vulnerability can be used to prepare and enhance phishing attacks.
[原文]Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through 22.214.171.124 IF001 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.