Open naxonez opened 8 years ago
Hi,
I found this Open Redirect in ZurmoCRM.
[*] Page affected
index.php/meetings/default/edit?id=182&redirectUrl=http://www.google.com
[*] Fields affected
RedirectUrl
When you write any domain in the parameter RedirectURL the user is redirect to this url This attack can be used to do phishings or redirection to exploit kits.
Regards.
Hi,
I found this Open Redirect in ZurmoCRM.
[*] Page affected
index.php/meetings/default/edit?id=182&redirectUrl=http://www.google.com
[*] Fields affected
RedirectUrl
When you write any domain in the parameter RedirectURL the user is redirect to this url This attack can be used to do phishings or redirection to exploit kits.
Regards.