Open redirect vulnerability in Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the back parameter to the /login URI.
References
Link | Resource |
---|---|
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-016/?fid=8341 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-05-03 03:59
Updated : 2017-05-17 10:37
NVD link : CVE-2016-10368
Mitre link : CVE-2016-10368
JSON object : View
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Products Affected
opsview
- opsview