0xcrypto

Originally published at hackberry.xyz

Open Redirect in Flattr

Summary

This bug in Flattr was a low-impact open redirect: the `redirect` parameter of the Twitter connect endpoint was used as the post-authorization destination without validation, so an attacker could send the victim to an arbitrary external site once they had authorized Twitter.

PoC

https://flattr.com/settings/connect/twitter?redirect=https://hackberry.xyz
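The defensive side of this finding, as an added example that is not Flattr's code and does not describe how Flattr actually fixed the bug: an unvalidated `redirect` parameter (the CWE-601 pattern) next to a validator that only ever returns a path on the application's own origin. `APP_ORIGIN`, `DEFAULT_AFTER_CONNECT` and both function names are assumptions chosen for illustration; the sample inputs include the PoC value from this post plus a few scheme-relative and backslash variants that naive "starts with /" checks tend to miss.

```python
from urllib.parse import urlsplit

# Hypothetical application origin and fallback page; not taken from Flattr's configuration.
APP_ORIGIN = "https://flattr.com"
DEFAULT_AFTER_CONNECT = "/settings"


def vulnerable_redirect_target(target: str) -> str:
    """The pattern behind CWE-601: whatever the client supplies becomes the Location header."""
    return target or DEFAULT_AFTER_CONNECT


def safe_redirect_target(target: str,
                         app_origin: str = APP_ORIGIN,
                         default: str = DEFAULT_AFTER_CONNECT) -> str:
    """Return a redirect target that is guaranteed to be a path on `app_origin`.

    Anything external, scheme-relative, non-HTTP, or malformed collapses to `default`.
    The result is always rebuilt as path[?query][#fragment], so the host part is
    never attacker-controlled even when the input was an absolute same-origin URL.
    """
    if not target or any(c in target for c in "\r\n\x00"):
        return default  # empty, or header-injection characters
    # Browsers treat "/\evil.com" like "//evil.com"; normalise before parsing.
    candidate = target.replace("\\", "/")
    parts = urlsplit(candidate)
    origin = urlsplit(app_origin)
    if parts.scheme or parts.netloc:
        # Absolute ("https://x") or scheme-relative ("//x") URL: accept only our exact origin.
        if (parts.scheme.lower() != origin.scheme.lower()
                or parts.netloc.lower() != origin.netloc.lower()):
            return default
        path = parts.path or "/"
    else:
        path = parts.path
    # Must be rooted at "/" but not "//" (which would again be scheme-relative).
    if not path.startswith("/") or path.startswith("//"):
        return default
    rebuilt = path
    if parts.query:
        rebuilt += "?" + parts.query
    if parts.fragment:
        rebuilt += "#" + parts.fragment
    return rebuilt


if __name__ == "__main__":
    # Constructed sample inputs, including the value used in the PoC above.
    for sample in ["https://hackberry.xyz", "//hackberry.xyz", "/\\hackberry.xyz",
                   "javascript:alert(1)", "/settings/connect?ok=1",
                   "https://flattr.com/settings/connect"]:
        print(f"{sample!r:40} vulnerable -> {vulnerable_redirect_target(sample)!r:40} "
              f"safe -> {safe_redirect_target(sample)!r}")
```

An allowlist of known post-connect pages is simpler still when the set of destinations is small; the origin check above is the general form for when the application needs to accept arbitrary internal paths.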


Timeline

  • Found vulnerability - 5th June, 2020
  • Made contact with Flattr - 5th June, 2020
  • Reported vulnerability - 9th June, 2020
  • Bug fixed - 11th June, 2020

Reference

  1. https://cwe.mitre.org/data/definitions/601.html
