CVE-2008-2268

Name of the Vulnerable Software and Affected Versions: Mjguest version 6.7 GT Rev.01

Description: The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This is achieved via a URL in the goto parameter in a redirect action to "mjguest.php". The attack is user-assisted, meaning there is a delay and a notification before the redirection occurs.

Recommendations: For Mjguest version 6.7 GT Rev.01, consider restricting access to the "interface/redirect.htm.php" file or avoiding the use of the goto parameter in redirect actions to "mjguest.php" until a fix is available. As a temporary workaround, consider implementing additional validation for the goto parameter to minimize the risk of exploitation.