New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open redirect vulnerability in /user/login?redirect= #905
Comments
|
@tobbexiv ,Please look at this issue,Thanks |
|
Hello whiteHat001, it is only possible to pass local paths to the redirect argument. A redirect to "https://www.google.com" dose not work for me. For future security related issues please mail to info@pagekit.com. Best Regards |
|
Please use this payload :http://domain/pagekit-1.0.13/user/login?redirect=https://www.facebook.com If you have logged in,it will be redirected to facebook. @MalteScharenberg |
|
@whiteHat001 Open redirect dose not work for me with the payload you provided, but I identified some inputs which were able to exploit our filters. 59e99e2 fixes this. Dose 59e99e2 also work on your system? Thanks for reporting! |
|
Yes,It works well for me.I can't reproduce. |

Technical Details
Pagekit version: 1.0.13
Web server: Apache
Database: Mysql
PHP Version: 5.6.27
Hello, I found a open redirect vulnerability.
Detail:
After a user login ,access this url http://domain/user/login?redirect=https://www.google.com, It will redirect to google.
Author:
zhihua.yao from DBAPPSecurity
The text was updated successfully, but these errors were encountered: