CVE-2014-3739

2014-05-20T14:55:00
ID CVE-2014-3739
Type cve
Reporter cve@mitre.org
Modified 2014-05-21T22:07:00

Description

Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the came_from parameter.