CVE-2008-4284 Information

Description

Open redirect vulnerability in the ibm_security_logout servlet in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.x versions 6.0.x before 6.0.2.33 and 6.1.x before 6.1.0.23 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage feature.

Reference

http://www.securityfocus.com/bid/33700 http://www-1.ibm.com/support/docview.wss?uid=swg21320242 http://www-1.ibm.com/support/docview.wss?uid=swg24021527 https://exchange.xforce.ibmcloud.com/vulnerabilities/47200