CVE-2008-2951 Information

Description

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter possibly related to the quickjump function.

Reference

http://holisticinfosec.org/content/view/72/45/ http://secunia.com/advisories/31314 http://trac.edgewall.org/wiki/ChangeLog http://www.osvdb.org/46513 http://www.securityfocus.com/bid/30402 https://exchange.xforce.ibmcloud.com/vulnerabilities/44043 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01261.html https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01270.html