Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-4668 PoC — Xceedium Xsuite 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2015/CVE-2015-4668.yaml
Associated Vulnerability
Title:Xceedium Xsuite 安全漏洞 (CVE-2015-4668)
Description:Xceedium Xsuite是美国Xceedium公司的一套对混合云环境提供访问控制、监控和记录功能的统一身份管理解决方案。该方案支持基于角色或单个用户制定访问控制策略。 Xceedium Xsuite 2.3.0版本和2.4.3.0版本中存在开放重定向漏洞。远程攻击者可借助‘redirurl’参数中的URL利用该漏洞将用户重定向到任意网站,并执行钓鱼攻击。
Description
Xsuite 2.4.4.5 and prior contains an open redirect vulnerability, which can allow a remote attacker to redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the redirurl parameter.
File Snapshot

 id: CVE-2015-4668

info:
  name: Xsuite <=2.4.4.5 - Open Redirect
  author: 0x_Akoko
  severity: med

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.