pixel.mathtag.com Open Redirect vulnerability

2016-02-13T22:04:00
ID OBB:134287
Type openbugbounty
Reporter ozergoker
Modified 2016-03-10T22:45:00

Description

Vulnerable URL:
http://pixel.mathtag.com/click/img?mt_aid=3866936248073612576&mt;_id=2196347&mt;_adid=136746&mt;_sid=723872&mt;_exid=4&mt;_inapp=0&mt;_uuid=5291eb2c-7127-ded8-d9ab-8615cd2d3389&mt;_3pck=https%3A//adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdESIIKi_VtG3J5DHoAOP5ay4BK7PjaMDhsqXsVrAjbcBEAEgAGC7vq6D0AqCARdjYS1wdWItNTYxMDUyMTQ5MTE4NDc4OcgBCagDAaoEgQFP0K6sTYPjWwIAbWLMTWJiMgGYNM4DIr5V3KVGCahJNcoUC_t9KOAKl6P4eK7iNCKyIgRT7ymkcD1gaSr-0_m6ytu8JPniAIKy6xstg5okRtD0v65Jd1iDqpko5TV26QMwxc8HW3FcT4nncgWuob1oui1p5_t3ijXIz8fnGPGaE3CABs3xrrCmtNTpiQGgBiHYBwA%26num%3D1%26sig%3DAOD64_1xSUjkRG9ivg_RsYBj6p6BE3VBUQ%26client%3Dca-pub-5610521491184789%26adurl%3D&redirect;=https://www.xssposed.org
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| Open Redirect
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0
VIP website status:| No
Check pixel.mathtag.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 13 February, 2016 22:04 GMT
Vulnerability existence verified and confirmed| 14 February, 2016 09:48 GMT
Vulnerability details disclosed by researcher| 10 March, 2016 22:45 GMT