CVE-2014-9617

Name of the Vulnerable Software and Affected Versions: Netsweeper versions prior to 4.0.5

Description: The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter in the remotereporter/load logfiles.php file. This enables attackers to trick users into accessing malicious sites.

Recommendations: For versions prior to 4.0.5, update to version 4.0.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the remotereporter/load logfiles.php file or avoiding the use of the url parameter in this context until the update is applied.