Open Redirect: Squareup

"Open redirection is listed in the OWASP Top 10 for 2013, since it is still an active threat in many web applications. Open redirection/un-validated redirect happens when a vulnerable web page is redirected to an untrusted and malicious page that is under the control of an attacker. Open redirection attacks usually come with a phishing attack because the modified vulnerable link is identical to the original site, which increases the trust factor of the link and increases the success of the phishing attack."

So with this note, I am again uploading a video of one of my old findings related to an un-validated redirect in Squareup.

The redirect was in the subscription feature of the Squareup web application. But it went Duplicate, as the team had internally picked up the issue.

Bug status: Fixed
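A server-side check that closes the class of un-validated redirect described above, as an added example (not code from the original post or from Square). The host `app.example.test`, the function names and the sample parameter values are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: constructed placeholder host, not taken from the post.
ALLOWED_HOSTS = frozenset({"app.example.test"})


def safe_redirect_target(target, allowed_hosts=ALLOWED_HOSTS, default="/"):
    """Return `target` only if it stays on this site or an allowed host."""
    if not isinstance(target, str) or not target:
        return default
    # Browsers drop tabs/newlines and read "\" as "/", so "/\host" or
    # "/<TAB>/host" can leave the site; reject such input outright.
    if "\\" in target or target != target.strip():
        return default
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in target):
        return default
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 literal
        return default
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a path rooted at a single "/".
        if target.startswith("/") and not target.startswith("//"):
            return target
        return default
    # Absolute or scheme-relative URL: https only, exact host match.
    # parts.hostname ignores any "user@" prefix and the port.
    if parts.scheme == "https" and parts.hostname in allowed_hosts:
        return target
    return default


# Constructed sample values for a redirect parameter.
SAMPLES = [
    "/subscriptions/done",
    "https://app.example.test/account",
    "//evil.example/login",
    "https://app.example.test@evil.example/",
    "https://app.example.test.evil.example/",
    "https:evil.example",
]


def check_samples(samples=SAMPLES):
    """Map each sample to the location the application would redirect to."""
    return {value: safe_redirect_target(value) for value in samples}


if __name__ == "__main__":
    for value, result in check_samples().items():
        print(f"{value!r:45} -> {result!r}")
```

Anything that fails the check falls back to the site root instead of being echoed into the `Location` header.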
