Open Redirect Vulnerability in IBM Lotus Notes Traveler
CVE-2012-4824

Currently unrated

Key Information:

Vendor
IBM
Status
Lotus Notes Traveler
Vendor
CVE Published:
8 October 2012

Summary

An open redirect vulnerability exists in the servlet/traveler component of IBM Lotus Notes Traveler versions prior to 8.5.3.3 Interim Fix 1. This flaw allows malicious actors to redirect users to arbitrary web sites by exploiting the redirectURL parameter. Through this exploitation, attackers can potentially conduct pervasive phishing attacks, misleading users into submitting personal information on fraudulent web pages.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...
mailing-listx_refsource_FULLDISC
http://www-01.ibm.com/support/docview.wss?uid=swg21612229
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.