NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/26502http://www.securityfocus.com/archive/1/433808http://secunia.com/advisories/20075http://www.vupen.com/english/advisories/2006/1787http://securityreason.com/securityalert/897http://www.osvdb.org/25473
