IBM Lotus Notes 'names.nsf' Open Redirection Vulnerability

IBM Lotus Notes 'names.nsf' Open Redirection Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim into following a malicious URI.

The following example POST data is available:

POST /names.nsf?Login HTTP/1.1

Connection: Keep-Alive

%25%25ModDate=xxxxxxxxxxxxxxxx&Username=yyyy+zzzz&Password=aaaaaa&RedirectTo=http://www.example.com&SaveOptions=0&...