Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.

References

• https://nvd.nist.gov/vuln/detail/CVE-2008-4104
• https://exchange.xforce.ibmcloud.com/vulnerabilities/45071
• http://marc.info/?l=oss-security&m=122115344915232&w=2
• http://marc.info/?l=oss-security&m=122118210029084&w=2
• http://marc.info/?l=oss-security&m=122152798516853&w=2
• http://securityreason.com/securityalert/4275
• https://web.archive.org/web/20081219152017/http://developer.joomla.org/security/news/274-20080904-core-redirect-spam.html