url redirection

Disclosed: 2021-07-30 14:33:20 By ben_lay To upchieve
Critical
Vulnerability Details
## Summary: [the following url is vulnerable to redirect] https://app.upchieve.org ## Steps To Reproduce: when you add @evil.com the user will be directed to evil.com https://[email protected] ## Impact Users could get redirected to malicious domain
Actions
View on HackerOne
Report Stats
  • Report ID: 1283200
  • State: Closed
  • Substate: not-applicable
  • Upvotes: 5
Share this report