CVE-2014-3739
Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the came_from parameter.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0029 (0.3%)
Percentile: 51.9%
EPSS: 2026-05-06
Affects
zenoss:zenossTechnical description
Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the came_from parameter.
Published: 5/20/2014, 2:55:05 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://www.openwall.com/lists/oss-security/2014/05/14/5
- http://www.openwall.com/lists/oss-security/2014/05/15/5
- http://www.securityfocus.com/bid/67396
- https://www.youtube.com/watch?v=wtmdsz24evo
- http://www.openwall.com/lists/oss-security/2014/05/14/5
- http://www.openwall.com/lists/oss-security/2014/05/15/5
- http://www.securityfocus.com/bid/67396
- https://www.youtube.com/watch?v=wtmdsz24evo