youtube.com Open Redirect vulnerability

2016-10-01T22:39:00
ID OBB:184522
Type openbugbounty
Reporter OwenOblivi
Modified 2016-10-16T16:30:00

Description

Vulnerable URL:
http://www.youtube.com/attribution_link?a=6ee39a164f0cea18acda271404b8fca3&u=/creator_message_report%3Furl%3Dhttps://openbugbounty.org/?link=http://ln.is/76fdf61b29c218051e0cd4763be0b2fc/gk9Yh?%252Fyoutube%252Fanswer%252F6140491%253Fhl%253Dru%26amp%3Bcg%3DAP5j8OIphsQb-oP1bJ4KPcqnxgPz8Ud_CHrTbqm1PoprzMpxb4PW1MgAnQsXDZZKm75hJRkxxIhsz4Iz9z5l5YKNA5f5-r0YByo23bEuQNiioReksRMVHnA44XbLPoRzfr8IT0A3YcfI2GJHIhIziO6D2S-BX8g7wxk41tM131_fZu3Zrd82Yj4N8MDXIIIJlKQ0Sly7iAqF%26amp%3Baction_c%3D1
Details:

Description| Value
---|---
Patched:| Yes, at 03.10.2016
Latest check for patch:| 03.10.2016 19:59 GMT
Vulnerability type:| Open Redirect
Vulnerability status:| Publicly disclosed
Alexa Rank| 2
VIP website status:| Yes
Check youtube.com SSL connection:| (Grade: A+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 1 October, 2016 22:39 GMT
Notification sent to subscribers (without technical details)| 2 October, 2016 02:17 GMT
Vulnerability details disclosed by researcher| 15 October, 2016 23:14 GMT
Vulnerability patched by the website owner| 16 October, 2016 16:30 GMT