nytimes.com Open Redirect vulnerability

2017-04-26T08:43:00
ID OBB:227987
Type openbugbounty
Reporter keritzy
Modified 2017-11-25T19:41:00

Description

Vulnerable URL:
http://www.nytimes.com/adx/bin/adx_click.html?type=goto&opzn;&page;=www.nytimes.com/pages/nyregion/index.html&pos;=SFMiddle&sn2;=8dfce1f6/9926f9b3&sn1;=bbba504f/c0de9221&camp;=CouplesResorts_1918341&ad;=NYRegionSF_Feb_300x250-B5732328.10663001&goto;=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fddm%2Fclk%2F279541164%3B106630011%3Bs%3Fhttp%3A%2F%2Fopenbugbounty%2Eorg
Details:

Description| Value
---|---
Patched:| Yes, at 25.11.2017
Latest check for patch:| 25.11.2017 19:41 GMT
Vulnerability type:| Open Redirect
Vulnerability status:| Publicly disclosed
Alexa Rank| 123
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 26 April, 2017 08:43 GMT
Notification sent to subscribers (without technical details)| 26 April, 2017 10:17 GMT
Vulnerability details disclosed by researcher| 27 April, 2017 03:51 GMT
Vulnerability patched by the website owner| 25 November, 2017 19:41 GMT