CVE-2010-0715 Information

Description

Open redirect vulnerability in login.jsp in IBM WebSphere Portal IBM Lotus Web Content Management (WCM) and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5 6.0.0.0 through 6.0.0.4 6.0.1.0 through 6.0.1.7 6.1.0.0 through 6.1.0.3 and 6.1.5.0; and IBM Lotus Quickr services 8.0 8.0.0.2 8.1 8.1.1 and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.

Reference

http://www.hacktics.com/content/advisories/AdvIBM20100224.html http://www.securityfocus.com/archive/1/509744/100/0/threaded http://www-01.ibm.com/support/docview.wss?uid=swg21421469 https://exchange.xforce.ibmcloud.com/vulnerabilities/56602