Invalid request may lead content spoofing for phishing

Disclosed: 2017-04-12 18:00:59 By d4rk_g1rl To nextcloud

Unknown

Vulnerability Details

HI, I found that site have invalid request may lead to content spoof. Proof Of Concept: https://logs.nextcloud.com/redirect_uri?And_move_t0_malicioussite.com Thanks,

Actions

View on HackerOne

Report Stats

Report ID: 213056
State: Closed
Substate: resolved
Upvotes: 10

Invalid request may lead content spoofing for phishing

Vulnerability Details

Actions

Report Stats

Share this report