PT-2014-4568 · Openx · Openx
Published
2014-10-23
·
Updated
2017-08-29
·
CVE-2014-2230
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
OpenX versions 2.8.10 and earlier
Description
The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This can be achieved via a URL in the
dest parameter to "adclick.php" or the maxdest parameter to "ck.php".Recommendations
For OpenX versions 2.8.10 and earlier, update to a version later than 2.8.10 to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Openx