RSA Authentication Agent for Web 5.3 - Open Redirection
| EKU-ID: 36648 | CVE: | OSVDB-ID: |
| Author: Richard Brain | Published: 2008-04-23 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 36648 | CVE: | OSVDB-ID: |
| Author: Richard Brain | Published: 2008-04-23 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/28907/info RSA Authentication Agent for Web is prone to a remote URI-redirection vulnerability because the application fails to adequately sanitize user-supplied input. A successful attack may aid in phishing-style attacks. This issue affects RSA Authentication Agent for Web for Internet Information Services 5.3.0.258. Other versions may also be affected. https://www.example.com/WebID/IISWebAgentIF.dll?Redirect?url=ftp://www.example2.com/index.htm