Infogram: A10 – Unvalidated Redirects and Forwards

2017-10-26T15:23:12
ID H1:283269
Type hackerone
Reporter romanshyadav
Modified 2017-11-09T13:08:19

Description

https://infogram.com/login

Web applications frequently redirect and forward users to other pages and websites, and use untrusted data to determine the destination pages. Without proper validation, when I intercept the Twitter request and change it to Google, then it will redirect you to Google. The application should also verify the original request from the browser.
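One way to validate a redirect destination on the server before issuing the redirect, as an added example that is not part of the original report and not Infogram's code. The function name, the allowlisted hosts and the sample URLs are assumptions made for illustration.

```javascript
// Added example: allowlist validation of a redirect target (Node.js, no dependencies).
// ALLOWED_HOSTS and BASE are assumed values, not taken from the report.
const ALLOWED_HOSTS = new Set(["infogram.com", "api.twitter.com"]);
const BASE = "https://infogram.com";

// Returns the normalised URL if the target is acceptable, otherwise the fallback.
function safeRedirectTarget(raw, fallback = "/") {
  if (typeof raw !== "string" || raw.length === 0) return fallback;

  // Control characters are stripped and backslashes are treated as "/" by
  // URL parsers, so "/\host" can turn into "//host". Reject them up front.
  if (/[\u0000-\u001f\\]/.test(raw)) return fallback;

  let url;
  try {
    // Resolving against BASE lets relative paths through and exposes
    // scheme-relative targets ("//host") as the absolute URLs they are.
    url = new URL(raw, BASE);
  } catch {
    return fallback;
  }

  // Only https; this also drops javascript:, data: and similar schemes.
  if (url.protocol !== "https:") return fallback;

  // "https://infogram.com@other.host/" carries the trusted name as userinfo.
  if (url.username || url.password) return fallback;

  // Exact host match, so "infogram.com.other.example" does not pass.
  if (!ALLOWED_HOSTS.has(url.hostname)) return fallback;

  return url.href;
}
```

The check belongs on the server at the point where the `Location` header is built, so a value altered in an intercepted request is validated the same way as an untouched one.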