Zenoss Monitoring System HTML Injection and Open redirection Vulnerabilities

Attackers can exploit these issues using browser. An attacker can exploit open-redirection issue by enticing an unsuspecting victim to follow a malicious URI.

The following example URI is available:

http://example.com/zport/acl_users/cookieAuthHelper/login_form?came_from=[http://malicious-website.com]


 

Privacy Statement
Copyright 2010, SecurityFocus