traveltriangle.com Open Redirect vulnerability

2018-01-16T16:19:00
ID OBB:526599
Type openbugbounty
Reporter ju57m0rph3u5
Modified 2018-02-16T08:35:00

Description

Open Bug Bounty ID: OBB-526599

Description| Value
---|---
Affected Website:| traveltriangle.com
Vulnerable Application:| Custom Code
Vulnerability Type:| Open Redirect / CWE-601
CVSSv3 Score:| 3.4 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N]
Disclosure Standard:| Coordinated Disclosure based on ISO 29147 guidelines
Remediation Guide:| OWASP Open Redirect Cheat Sheet

Vulnerable URL:
http://traveltriangle.com/handle_link_authentication?new_page=https%3A%2F%2Fopenbugbounty.org%2Frequested_trips%2F2315964-Testing&token;=rOaSQJXf0v1F4Aevbhw6moBa5pQJxMxdG7HN58OTNKk%3D&cta;_role=traveller&utm;_nooverride=1&tracked;_email_id=12463308&tt;_mailer=confirm
Coordinated Disclosure Timeline

Description| Value
---|---
Vulnerability Reported:| 16 January, 2018 16:19 GMT
Vulnerability Verified:| 16 January, 2018 16:21 GMT
Website Operator Notified:| 16 January, 2018 16:21 GMT
Vulnerability Published:| 16 January, 2018 16:21 GMT[without any technical details]
Vulnerability Fixed:| 16 February, 2018 08:35 GMT
Public Disclosure:| 16 February, 2018 08:35 GMT