Open Redirect - www.shopify.com
Low
Vulnerability Details
Hello Shopify team,
I found an open redirect in www.shopify.com
Link:
- `https://www.shopify.com/plus/get-cdn-asset?asset=http://evil.com/?`
**Vulnerable parameter:** `asset`
## Impact
- Open redirect that can lead to phishing and other type of attacks.
Have a good day, zonduu.
Actions
View on HackerOneReport Stats
- Report ID: 905737
- State: Closed
- Substate: resolved
- Upvotes: 17