Insightly: returnUrl= allow attacker to redirect users to the another phising website and takeover credientials
The application at https://crm.na1.insightly.com was found to be vulnerable to a redirect vulnerability. An attacker could have redirected users to a malicious website by manipulating the 'returnUrl' parameter in the login authentication process. This could have allowed the attacker to potentiall...