Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open Redirection Vulnerability #22

Open
avltree9798 opened this issue Oct 19, 2019 · 1 comment

Comments

@avltree9798
Copy link

@avltree9798 avltree9798 commented Oct 19, 2019

Hi, @abdilahrf and I found open redirection vulnerability on the PopojiCMS. The vulnerable code is on index.php file line number 101

notice the parameter refer was used by the code to redirect the user's to another page. So by crafting a request that using the POST method and contains the refer parameter, we could control where to redirect the user.

@DwiraSurvivor

This comment has been minimized.

Copy link
Contributor

@DwiraSurvivor DwiraSurvivor commented Nov 4, 2019

Terima kasih untuk temuan ini. Kami sebagai pengembang akan segera memperbaiki masalah ini di versi berikutnya.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.