CVE-2014-6255
CVE-2014-6255 affects Zenoss Core prior to 4.2.5 SP161, with an open redirect in the login form triggered by the came_from parameter. This can enable phishing by redirecting users to arbitrary sites. Remediation: upgrade to Zenoss Core 4.2.5 SP (or later) as indicated by the vendor/update guidanc...