Vulnerabilities > CVE-2014-2230 - Open Redirection vulnerability in OpenX

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
openx

Summary

Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter to ck.php. <a href = "http://cwe.mitre.org/data/definitions/601.html"> CWE-601: URL Redirection to Untrusted Site ('Open Redirect') </a>

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/128718/openx2810-redirect.txt
idPACKETSTORM:128718
last seen2016-12-05
published2014-10-16
reporterJing Wang
sourcehttps://packetstormsecurity.com/files/128718/OpenX-2.8.10-Open-Redirect.html
titleOpenX 2.8.10 Open Redirect