Description :
Open redirects and forwards are possible when a web application accepts untrusted
input that could cause the web application to redirect the request to a URL contained within untrusted
input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a
phishing scam and steal user credentials. Because the server name in the modified link is identical to the
original site, phishing attempts may have a more trustworthy appearance. Unvalidated redirect and
forward attacks can also be used to maliciously craft a URL that would pass the application’s access
control check and then forward the attacker to privileged functions that they would normally not be
able to access.
Impact :
Force user go to untrusted website from codepolitan website
Location of bug :
https://www.codepolitan.com/users/login?callback=
Payload :
Reproduce :
1. Open https://www.codepolitan.com/users/login?callback=http://attacker.com
2. Login, and you will be redirect to evil.com
Conclusion :
Open redirect make user not safe because force user go to untrusted website ( scam
/phising) without user know
Video :
Note :
Codepolitan crew its very fast on patch the bug, and them also will give me the SWAG and add my name on their hall of fame, yeay !
Credit :