Open Redirect Vulnerability in Lotus Connections by IBM
CVE-2010-2280

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Connections
Vendor: CVE Published:; 15 June 2010

Summary

An open redirect vulnerability exists in the Mobile component of IBM Lotus Connections 2.5.x prior to version 2.5.0.2. This flaw allows remote attackers to redirect users to arbitrary websites, potentially facilitating phishing attacks. The vulnerability is linked to specific 'mobile edit actions' that could be exploited, enabling unauthorized redirection and compromising user data security. Organizations using affected versions should apply necessary updates to safeguard against these types of attacks, ensuring integrity and trust in their online interactions.

References

http://www.vupen.com/english/advisories/2010/1281

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/40007

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21431472

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 15, 2010