Open Redirect at *.myshopify.com/account/login?checkout_url=
Unknown
Vulnerability Details
Hi,
Any user, after logging into any myshopify shop, can be redirected to another domain.
To reproduce:
Send this to the victim:
http://sehyoginfoshop.myshopify.com/account/login?checkout_url=.np
Now when our victim logs in, he will be redirected to
https://sehyoginfoshop.myshopify.com.np/
which is not a Shopify domain.
Fix: While redirecting, use <shop-name>"/"$checkout_url instead of <shop-name>$checkout_url
Report Stats
- Report ID: 103772
- State: Closed
- Substate: resolved
- Upvotes: 26
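The concatenation behaviour described in the report, shown next to the reporter's suggested fix and a stricter server-side check. This is an added example, not part of the original report and not Shopify's code; the function names are hypothetical and the stricter check is an assumption about one reasonable hardening.

```python
from urllib.parse import urlsplit

# Shop origin taken from the report; everything else here is constructed.
SHOP_ORIGIN = "https://sehyoginfoshop.myshopify.com"


def naive_redirect(origin: str, checkout_url: str) -> str:
    """Behaviour the report describes: origin and parameter joined as-is,
    so the parameter can extend the hostname itself."""
    return origin + checkout_url


def slash_joined_redirect(origin: str, checkout_url: str) -> str:
    """The report's suggested fix: force a '/' between origin and parameter,
    which ends the authority part before any user input is appended."""
    return origin + "/" + checkout_url


def checked_redirect(origin: str, checkout_url: str, fallback: str = "/") -> str:
    """Stricter variant (assumption): accept only a path on the same host."""
    if not checkout_url.startswith("/"):
        return origin + fallback
    target = origin + checkout_url
    want, got = urlsplit(origin), urlsplit(target)
    # Defence in depth: parse the final URL and compare scheme and host.
    if (got.scheme, got.hostname) != (want.scheme, want.hostname):
        return origin + fallback
    return target


def host_of(url: str) -> str:
    """Hostname a browser would connect to for this URL."""
    return urlsplit(url).hostname


def compare(checkout_url: str) -> dict:
    """Redirect host produced by each strategy for one parameter value."""
    return {
        "naive": host_of(naive_redirect(SHOP_ORIGIN, checkout_url)),
        "slash_joined": host_of(slash_joined_redirect(SHOP_ORIGIN, checkout_url)),
        "checked": host_of(checked_redirect(SHOP_ORIGIN, checkout_url)),
    }


if __name__ == "__main__":
    for value in (".np", "/cart"):  # value from the report, then a normal path
        print(repr(value), compare(value))
```
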