I found a new way to exploit Open Redirect at the “redirect” parameter on the login page by using the Chinese dot (%E3%80%82
) to bypass the dot (.) filter.
redirect
/%09/google%E3%80%82com
Send users the following login link https://www.showdoc.com.cn/user/login?redirect=/%09/google%E3%80%82com
After users use their registered accounts to login, they will be redirected to google.com
By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.