Open Redirect at █████

Disclosed: 2022-11-18 18:37:37 By angeltsvetkov To deptofdefense
Medium
Vulnerability Details
Open Redirect on https://███

User can be redirected to a malicious site.

POC:
████████/texis/search/redir.html?query=1234&pr=External+Meta&prox=page&rorder=500&rprox=500&rdfreq=500&rwfreq=250&rlead=500&rdepth=62&sufs=3&order=r&u=http://evil.com&m=0&p=2

I hope you know the impact of open redirect; for more info, refer to https://cwe.mitre.org/data/definitions/601.html

## Impact

User can be redirected to a malicious site.

## System Host(s)

███████

## Affected Product(s) and Version(s)

## CVE Numbers

## Steps to Reproduce

Just open:
█████/texis/search/redir.html?query=1234&pr=External+Meta&prox=page&rorder=500&rprox=500&rdfreq=500&rwfreq=250&rlead=500&rdepth=62&sufs=3&order=r&u=http://evil.com&m=0&p=2

Vulnerable parameter: u=

## Suggested Mitigation/Remediation Actions
Report Stats
  • Report ID: 1634105
  • State: Closed
  • Substate: resolved
  • Upvotes: 5
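
The report leaves its mitigation section empty. One way to validate the `u` parameter server-side before redirecting, as an added example that is not part of the original report or the affected site's code; the allowlisted hosts, the fallback path and the function names are assumptions.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: placeholder hosts the search page may link to (the real host is redacted).
ALLOWED_HOSTS = {"www.example.mil", "search.example.mil"}
FALLBACK = "/"  # assumption: where to send the user when the target is rejected


def safe_redirect_target(u: str) -> str:
    """Return u only if it is a same-site path or an allowlisted http(s) URL."""
    # Backslashes, spaces and control characters are normalised differently by
    # browsers and server-side parsers, so reject them instead of guessing.
    if not u or any(ord(c) <= 0x20 or c == "\\" for c in u):
        return FALLBACK
    try:
        parts = urlsplit(u)
        host = parts.hostname  # lower-cased, without userinfo or port
    except ValueError:
        return FALLBACK
    if parts.scheme == "" and parts.netloc == "":
        # Relative target: exactly one leading slash ("//host" is scheme-relative).
        return u if u.startswith("/") and not u.startswith("//") else FALLBACK
    if parts.scheme not in ("http", "https"):
        return FALLBACK  # javascript:, data:, etc.
    if parts.username is not None or host not in ALLOWED_HOSTS:
        return FALLBACK  # userinfo trick or unknown host
    return u


def resolve_redir(query_string: str) -> str:
    """Pick the redirect target from a redir.html query string."""
    values = parse_qs(query_string).get("u", [])
    # A repeated u= parameter is ambiguous between components; refuse it.
    return safe_redirect_target(values[0]) if len(values) == 1 else FALLBACK


if __name__ == "__main__":
    # Query string from the report's proof of concept.
    poc = ("query=1234&pr=External+Meta&prox=page&rorder=500&rprox=500&rdfreq=500"
           "&rwfreq=250&rlead=500&rdepth=62&sufs=3&order=r&u=http://evil.com&m=0&p=2")
    print(resolve_redir(poc))  # rejected, falls back
    print(resolve_redir("u=https://www.example.mil/page&m=0"))
```

Comparing the parsed hostname against an exact allowlist, not matching a prefix or substring of the raw string, is what keeps look-alike hosts and userinfo tricks from passing.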