- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 25084
- Проверка EDB
-
- Пройдено
- Автор
- MORNING WOOD
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2005-0420
- Дата публикации
- 2005-02-07
Код:
source: https://www.securityfocus.com/bid/12459/info
A remote URI-redirection vulnerability affects Microsoft Outlook Web Access. This issue occurs because the application fails to properly sanitize URI-supplied data.
An attacker may leverage this issue to carry out convincing phishing attacks against unsuspecting users by causing an arbitrary page to be loaded when the Microsoft Outlook Web Access login form is submitted.
https://owa.example.com/exchweb/bin/auth/owalogon.asp?url=http://www.example.net
https://owa.example.com/exchweb/bin/auth/owalogon.asp?url=http://3221234342/- Источник
- www.exploit-db.com
