DEV Community

0xcrypto
0xcrypto

Posted on • Originally published at hackberry.xyz on

Open Redirect in Flattr

#hacking #bugsanderrors

Summary

This bug in Flattr was a low impact Open Redirect that allowed attacker to redirect the victim after authorizing Twitter.

PoC 

https://flattr.com/settings/connect/twitter?redirect=https://hackberry.xyz
Enter fullscreen mode Exit fullscreen mode

Timeline

  • Found vulnerability - 5th June, 2020
  • Made contact with Flattr - 5th June, 2020
  • Reported vulnerability - 9th June, 2020
  • Bug fixed - 11th June, 2020

Reference

  1. https://cwe.mitre.org/data/definitions/601.html

Top comments (0)

profile
Neon
 Promoted

Billboard image

Create up to 10 Postgres Databases on Neon's free plan.

If you're starting a new project, Neon has got your databases covered. No credit cards. No trials. No getting in your way.

Try Neon for Free →

Read next

diwakar810 profile image

Sample Title

Diwakar kothari -

jajera profile image

Optimizing AWS EventBridge - Default vs. Custom Event Buses and Best Practices

John Ajera -

jordankeurope profile image

How Can Module Testing Improve the Overall Quality Of Software Products?

Jordan Knightin -

turingvangisms profile image

TS1325: Argument of dynamic import cannot be spread element

Turing -

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay