Unrated severityNVD Advisory· Published Jul 17, 2012· Updated Apr 29, 2026

CVE-2012-4032

Description

Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx.

Affected products

Websitepanel/Websitepanel7 versions
cpe:2.3:a:websitepanel:websitepanel:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:websitepanel:websitepanel:*:*:*:*:*:*:*:*range: <=1.2.1
- cpe:2.3:a:websitepanel:websitepanel:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:websitepanel:websitepanel:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:websitepanel:websitepanel:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:websitepanel:websitepanel:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:websitepanel:websitepanel:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:websitepanel:websitepanel:1.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/83689nvdExploit
packetstormsecurity.org/files/114541/WebsitePanel-CMS-Open-Redirect.htmlnvdExploit
www.securityfocus.com/bid/54346nvdExploit
secunia.com/advisories/49813nvdVendor Advisory
websitepanel.codeplex.com/workitem/224nvd
exchange.xforce.ibmcloud.com/vulnerabilities/76803nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000