open redirect in https://slack.com
Unknown
Vulnerability Details
Navigate to Https://slack.com
append "/link?url=url=http://bing.com" or enter any website of your choice with http://
vulnerable link https://slack.com/link?url=http://bing.com
notice that user is redirected to bing.com without being validated or notified
Actions
View on HackerOneReport Stats
- Report ID: 6035
- State: Closed
- Substate: informative
- Upvotes: 2