Issue metadata
Sign in to add a comment
|
Open redirection
Reported by
shubhu...@gmail.com,
Dec 20 2016
|
||||||||||||||||||
Issue descriptionOpen redirection link :- https://www.google.co.in/imgres?imgurl=http%3A%2F%2Fwww.zooundco24.de%2Fuploads%2Ftx_news%2FFotolia_18657342_farbkombinat.jpg&imgrefurl=http%3A%2F%2Fwww.zooundco24.de%2Funsere-maerkte%2Fueber-zoo-co%2Fpresse%2Fartikel%2Fkatzenaugen-im-dunkeln-ist-gut-funkeln%2F&docid=uZFHhleO2V1xxM&tbnid=YPhFJrPg8ZVmqM%3A&vet=1&w=598&h=457&bih=834&biw=1537 link-after modifucation :- https://www.google.co.in/imgres?imgurl=https://www.facebook.com/&imgrefurl=https://www.facebook.com/&docid=uZFHhleO2V1xxM&tbnid=YPhFJrPg8ZVmqM%3A&vet=1&w=598&h=457&bih=834&biw=1537 VULNERABILITY DETAILS Open redirection is the issue in which a link is prepare to redirect the particular page into another specific page is also able by victim to pass the page into the target wishes by attacker . VERSION Chrome Version:Chrome 55.0.2883.87 Operating System: windows 7 REPRODUCTION CASE Through this open redirection technique a attacker tries to switch the user to his page which contain some fishing content by the sophisticated website. More about this issue :- https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004)
,
Dec 20 2016
1. We do not consider open redirectors to be a security vulnerability - see https://sites.google.com/site/bughunteruniversity/nonvuln/open-redirect for more details on this. 2. Even if we did, this isn't a security issue with Chromium as it's following the HTTP spec when performing a redirection. |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by shubhu...@gmail.com
, Dec 20 2016