Infogram: A10 – Unvalidated Redirects and Forwards

ID H1:283269
Type hackerone
Reporter romanshyadav
Modified 2017-11-09T13:08:19


Web applications frequently redirect and forward users to other pages and websites, and use untrusted data to determine the destination pages. Without proper validation, when I intercept the Twitter request and change it to Google, it will redirect you to Google. The application should also verify the original request from the browser.
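
A server-side check for the redirect destination described in the report, as an added example that is not part of the original report or Infogram's code. The allowlist, the fallback path and the function name are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only external hosts this application redirects to (constructed list).
ALLOWED_HOSTS = {"twitter.com", "api.twitter.com"}
FALLBACK = "/"  # hypothetical safe landing page used when the target is rejected


def safe_redirect_target(raw: str) -> str:
    """Return raw if it is a same-site path or an allowlisted https URL, else FALLBACK."""
    # Backslashes, spaces and control characters are normalised differently by
    # browsers and by server-side parsers, so reject them before parsing.
    if not raw or any(ord(c) <= 0x20 or c in "\\\x7f" for c in raw):
        return FALLBACK
    try:
        parts = urlsplit(raw)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return FALLBACK
    # Same-site path: no scheme, no host, exactly one leading slash.
    if not parts.scheme and not parts.netloc:
        return raw if raw.startswith("/") and not raw.startswith("//") else FALLBACK
    # Everything else must be an absolute https URL (this also rejects "//host/").
    if parts.scheme != "https" or port not in (None, 443):
        return FALLBACK
    # "https://twitter.com@other.example/" carries the trusted name as userinfo only.
    if parts.username is not None or parts.password is not None:
        return FALLBACK
    # Exact host match: suffix or substring checks accept "twitter.com.other.example".
    if (parts.hostname or "") not in ALLOWED_HOSTS:
        return FALLBACK
    return raw


if __name__ == "__main__":
    # Constructed sample destinations, as they might arrive in a redirect parameter.
    for sample in ["https://twitter.com/intent/tweet?text=hi", "/dashboard",
                   "https://www.google.com/", "//www.google.com/",
                   "https://twitter.com@www.google.com/", "/\\www.google.com"]:
        print(f"{sample!r:45} -> {safe_redirect_target(sample)!r}")
```

The check runs at the point where the redirect response is built, so a destination altered in an intercepted request falls back to the landing page instead of being followed.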