HP System Management Homepage 'RedirectUrl' Parameter URI Redirection Vulnerability

2010-04-25T00:00:00
ID EDB-ID:33873
Type exploitdb
Reporter Aung Khant
Modified 2010-04-25T00:00:00

Description

HP System Management Homepage 'RedirectUrl' Parameter URI Redirection Vulnerability. CVE-2010-1586. Remote exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/39676/info

HP System Management Homepage is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input.

A successful exploit may aid in phishing attacks; other attacks are possible.

http://www.example.com/red2301.html?RedirectUrl=evil () attacker com