← back
CVE-2011-3415

CVE-2011-3415

EPSS 24.1%
Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka "Insecure Redirect in .NET Form Authentication Vulnerability."
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://jvndb.jvn.jp/jvndb/JVNDB-2011-003557http://jvn.jp/en/jp/JVN71256611/index.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-100https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14815http://www.securityfocus.com/bid/51202