CVE-2011-2941

Red Hat JBoss Enterprise Portal Platform < 5.2.0 - Open Redirect via initialURI Parameter

Title source: llm
STIX 2.1

Description

Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2011-1822.html

Scores

EPSS 0.0113
EPSS Percentile 62.6%

Details

CWE
CWE-20
Status published
Products (5)
redhat/jboss_enterprise_portal_platform 4.3.0 (6 CPE variants)
redhat/jboss_enterprise_portal_platform 5.0.0
redhat/jboss_enterprise_portal_platform 5.0.1
redhat/jboss_enterprise_portal_platform 5.1.0
redhat/jboss_enterprise_portal_platform < 5.1.1
Published Feb 26, 2014
Tracked Since Feb 18, 2026