CVE-2014-2213
CVE-2014-2213 : Open redirect vulnerability in POSH 3.0–3.2.1’s password reset functionality. An attacker can craft a redirect parameter to portal/scr_sendmd5.php to send users to arbitrary sites, enabling phishing. No exploitation details are provided in the documents; remediation/patch details ...