Pranav Hivarekar's Security Blog

REST-API Lover | Security Researcher | API Coder | Ambivert | GET /noob

Home     About      Favorite Books      Join Security Thursday     

HackerOne Bug - Redirect Filter Bypass and Open Redirector

What is Open Redirector ? Open Redirect vulnerability allows attacker of an web application to redirect users to any external sites. Here, there is no validation of the passed input by attacker. This is basically used in phishing attacks. eg. http://site.com/redirect.php?url=http://evil.com/ Here, if…

Continue reading