OkCupid: Login destination open redirection

2014-03-03T23:01:29
ID H1:2989
Type hackerone
Reporter smiegles
Modified 2014-05-01T23:02:22

Description

Hi,,

I found an open redirection vulnerability, it works when you are signed IN : http://www.okcupid.com/login?dest=http://www.google.com/

Best regards,

Olivier Beg