header-logo
Suggest Exploit
vendor:
agXchange ESM
by:
Unknown
5.5
CVSS
MEDIUM
Open Redirection
601
CWE
Product Name: agXchange ESM
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: No
Related CWE:
CPE: a:agxchange:esm
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Open Redirection Vulnerability in agXchange ESM

agXchange ESM is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible.

Mitigation:

To mitigate this vulnerability, it is recommended to properly sanitize and validate user-supplied input before using it in a redirect URL.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/38879/info

agXchange ESM is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input.

A successful exploit may aid in phishing attacks; other attacks are possible. 

http://www.example.com/[agx_application]/pages/ucschcancelproc.jsp?returnpage=http://www.RedirectExample.com