Open redirect vulnerability in the password reset functionality in POSH 3.0 up to and including 3.2.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to portal/scr_sendmd5.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
posh project posh |