CVE		CVE-2008-6511
Status		Candidate
Description		Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
Phase		Assigned (23.03.2009)
NVD:		http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6511
References		BUGTRAQ : 20081108 [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)
		MILW0RM : 7075
		MISC : http://www.andreas-kurtz.de/advisories/AKADV2008-0...
SecurityVulns:		Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)