05 June 2024 IBM i Security Alert: IBM Rational Developer for i (02/14/2024)

IBM Rational Developer for i allows you to create, manage and modernize applications on the IBM i platform.
It integrates development tools with search, modify, create, analyze and restructure capabilities.
The IDE (integrated development environment) also contains several debuggers for the Eclipse framework, widely used to simplify and accelerate application development and modernization.

One of the IDE features, called “Code Coverage”, has a browser interface that uses “follow-redirects”.
The flaw stems from these redirects: a vulnerability in the interface's URL construction could allow a remote attacker to redirect users to arbitrary websites and carry out phishing attacks.

This is a major CVSS 6.1 risk that must be corrected by installing an IDE fix, available from Fix Central in the support section of the IBM website (https://lnkd.in/e6T3yaHV); the link and installation tutorial are in the attachment.
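
For the redirect issue described above, a client that follows redirects can refuse hops to arbitrary sites by parsing each `Location` value and matching the parsed host against an allowlist. This is an added example, not IBM's fix or code from the product; the function name `checkRedirect` and all host names are hypothetical.

```javascript
// Added example: vet every redirect hop before a client follows it.
// All host names are constructed placeholders, not values from the advisory.
const ALLOWED_HOSTS = new Set(["ide.example.test", "coverage.example.test"]);

// Resolve a Location header against the current URL, then decide on the hop.
function checkRedirect(currentUrl, location, allowedHosts = ALLOWED_HOSTS) {
  let target;
  try {
    // WHATWG parsing resolves relative paths, "//host" and "\" like a browser.
    target = new URL(location, currentUrl);
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (target.protocol !== "https:" && target.protocol !== "http:") {
    return { ok: false, reason: "scheme" };
  }
  if (target.username || target.password) {
    return { ok: false, reason: "userinfo" };
  }
  if (new URL(currentUrl).protocol === "https:" && target.protocol === "http:") {
    return { ok: false, reason: "downgrade" };
  }
  // Exact match on the parsed hostname: no substring or suffix tests.
  if (!allowedHosts.has(target.hostname)) {
    return { ok: false, reason: "host" };
  }
  return { ok: true, url: target.href };
}

// Constructed Location values a reviewer would run through the check.
const BASE = "https://ide.example.test/coverage/report";
const SAMPLES = [
  "/coverage/summary",                          // same-site relative path
  "https://coverage.example.test/r/1",          // allowlisted host
  "//other.example.net/login",                  // scheme-relative
  "/\\other.example.net/login",                 // backslash read as a slash
  "https://ide.example.test@other.example.net/", // trusted name as userinfo
  "https://ide.example.test.other.example.net/", // trusted name as a prefix
  "javascript:void(0)",                         // non-HTTP scheme
  "http://ide.example.test/coverage",           // HTTPS to HTTP
];

function runSamples() {
  return SAMPLES.map((loc) => ({ location: loc, ...checkRedirect(BASE, loc) }));
}

console.table(runSamples());
```

Only the first two samples are accepted; the others are rejected with the reason shown in the table.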
