OSSA-2012-012: Open redirect through ‘next’ parameter

Date

August 30, 2012

CVE

CVE-2012-3540

Affects

  • Horizon: Essex (2012.1)

Description

Thomas Biege from SUSE reported a vulnerability in Horizon authentication mechanism. By adding a malicious ‘next’ parameter to a Horizon authentication URL and enticing an unsuspecting user to follow it, the victim might get redirected after authentication to a malicious site where useful information could be extracted. Only setups running Essex are affected.

Credits

  • Thomas Biege from SUSE (CVE-2012-3540)