5.8
CVSSv2

CVE-2014-3739

Published: 20/05/2014 Updated: 21/05/2014
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the came_from parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

zenoss zenoss 4.2.5