Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell zenworks configuration management 11.2.3 |
||
novell zenworks configuration management 11.2.2 |
||
novell zenworks configuration management 11.2 |
||
novell zenworks configuration management 11.2.1 |