webmail.mit.edu suffers from an open redirection vulnerability.
71230acbb262cb99d7292fd923315777ab2695cda3d14a7cc42d66e422911466
# URL Open Redirect on WEBMAIL of Massachusetts Institute of Technology
# Risk: Low
# CWE number: CWE-601
# Date: 11/11/2014
# Author: Felipe " Renzi " Gabriel
# Contact: renzi@linuxmail.org
# Tested on Linux Ubuntu 14.04 ; Mozilla Firefox 33.0
# Vulnerable File: go.php
# Exploit:
[+] http://host.com/horde/services/go.php?url=http://site.com
# PoC:
[+] https://webmail.mit.edu/horde/services/go.php?url=http://www.uol.com.br
# Note: Open redirect (CWE-601) allows phishing attack to be more effective.
Redirection is commonly used within all web applications for various
purposes.("Jason Lam" ~ Top 25 Series - Rank 23 - Open Redirect)
This bug happens on Horde Webmail Service Version 5.1 and others, it
was discovered by Felipe Andrian Peixoto.
# Reference:
[1] http://software-security.sans.org
[2] http://dl.packetstormsecurity.net/1403-exploits/hordewebmail-openredir.txt
# Thank's