wpha.org Open Redirect vulnerability

2017-03-25T15:37:00
ID OBB:220975
Type openbugbounty
Reporter fakessh
Modified 2017-05-06T16:15:00

Description

Vulnerable URL:
http://www.wpha.org/link.asp?e=@@email@@&job;=2819746&ymlink;=93672088&finalurl;=https%3A%2F%2Fwww.openbugbounty.org%2Fv2%2Furl%3Fu%3Dhttp-3A__action.apha.org_site_R-3Fi-3DooeP7y5yRh56JHhd3DG9DQ%26d%3DCwMGaQ%26c%3DbyefhD2ZumMFFQYPZBagUCDuBiM9Q9twmxaBM0hCgII%26r%3Dn_mI_-Y0wWYDOifkI51UJhrMOE8RxO8HSX3jd1N6ja0%26m%3D5nrD7ZrkqFn70LEU1ynFmD72KGFBqc-8Aa864TrElVo%26s%3DoX0TkTCmfQhg15-7YfrhsJvbJ5N8ltfYZVP-30Rb2QY%26e%3D
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 28.07.2017
Vulnerability type:| Open Redirect
Vulnerability status:| Publicly disclosed
Alexa Rank| 7324659
VIP website status:| No
Check wpha.org SSL connection:| (Grade: B-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 25 March, 2017 15:37 GMT
Notification sent to subscribers (without technical details)| 25 March, 2017 18:17 GMT
Vulnerability details disclosed by researcher| 6 May, 2017 16:15 GMT