Hi, @abdilahrf and I found open redirection vulnerability on the PopojiCMS. The vulnerable code is on index.php file line number 101
notice the parameter refer was used by the code to redirect the user's to another page. So by crafting a request that using the POST method and contains the refer parameter, we could control where to redirect the user.
The text was updated successfully, but these errors were encountered:
Hi, @abdilahrf and I found open redirection vulnerability on the PopojiCMS. The vulnerable code is on index.php file line number 101


notice the parameter refer was used by the code to redirect the user's to another page. So by crafting a request that using the POST method and contains the refer parameter, we could control where to redirect the user.
The text was updated successfully, but these errors were encountered: