VBulletin Index.PHP User Interface Spoofing Weakness

There is no exploit required; however the following example has been supplied:

http://forums.example.com/admincp/index.php?loc=http://www.example.com


 

Privacy Statement
Copyright 2010, SecurityFocus