This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.
This is currently being used when the newsletters are published, the URL looks like this : http://netbeans.org/jump.html?url=http%3A%2F%2Fwww.troymaxventures.com%2F2011%2F04%2Fprogrammatically-working-with-databases.html&intcmp=925655 Obviously, the idea is for users to see that this is a item published on netbeans.org, but when they click on the link to be redirected to the target site. This open redirect can be used for phishing attacks for sending users to unsavory sites and make it look like it was all sanctioned by netbeans, e.g.: http://netbeans.org/jump.html?url=http%3A%2F%2Fwww.evil.org&intcmp=925655 would redirect the user to www.evil.org More details on the subject at http://cwe.mitre.org/data/definitions/601.html and https://www.owasp.org/index.php/Open_redirect
SPAM - Removed by Administrator