Open redirect

2014-02-2615:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.8%

JSON

Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter.

CPENameOperatorVersion
jboss_enterprise_portal_platformeq4.3.0 cp3
jboss_enterprise_portal_platformeq5.0.0
jboss_enterprise_portal_platformeq5.1.0
jboss_enterprise_portal_platformeq4.3.0 cp6
jboss_enterprise_portal_platformeq4.3.0 cp7
jboss_enterprise_portal_platformeq4.3.0
jboss_enterprise_portal_platformle5.1.1
jboss_enterprise_portal_platformeq4.3.0 cp5
jboss_enterprise_portal_platformeq5.0.1
jboss_enterprise_portal_platformeq4.3.0 cp4

Name	Operator	Version
jboss_enterprise_portal_platform	eq	4.3.0 cp3
jboss_enterprise_portal_platform	eq	5.0.0
jboss_enterprise_portal_platform	eq	5.1.0
jboss_enterprise_portal_platform	eq	4.3.0 cp6
jboss_enterprise_portal_platform	eq	4.3.0 cp7
jboss_enterprise_portal_platform	eq	4.3.0
jboss_enterprise_portal_platform	le	5.1.1
jboss_enterprise_portal_platform	eq	4.3.0 cp5
jboss_enterprise_portal_platform	eq	5.0.1
jboss_enterprise_portal_platform	eq	4.3.0 cp4

References

rhn.redhat.com/errata/RHSA-2011-1822.html