open redirect in eb9f.pivcac.prod.login.gov

Disclosed: 2020-05-12 18:19:43 By timwhite To gsa_bbp

Low

Vulnerability Details

poc: ``` https://eb9f.pivcac.prod.login.gov/?nonce=wI0UglN84A06Q4z4JnkZVc3i1V8%3D&redirect_uri=https%3A%2F%2Fgoogle.com%23%40secure.login.gov%2Flogin%2Fpiv_cac ``` visit this and will redirect to google.com ## Impact phishing

Actions

View on HackerOne

Report Stats

Report ID: 798742
State: Closed
Substate: resolved
Upvotes: 12

open redirect in eb9f.pivcac.prod.login.gov

Vulnerability Details

Actions

Report Stats

Share this report