As long as you can redirect it to a uri instead of an actual website i'd class this as xss, theres a reason google hasn't patched the open redirect vulns on their site because it doesnt allow a redirect to data: or a javascript: urlSpam404Online wrote:Interesting though since it's arguably not an XSS vulnerability on the website.x1admin wrote:if redirect via js we accept xss
I see it as misinformation in fact as reporting the vulnerability to the website owner would trigger them to patch the open redirect vulnerability.
Submissions for chase.com and mcafee.com
Re: Submissions for chase.com and mcafee.com
OWASP considers it as XSS.Spam404Online wrote:Interesting though since it's arguably not an XSS vulnerability on the website.x1admin wrote:if redirect via js we accept xss
I see it as misinformation in fact as reporting the vulnerability to the website owner would trigger them to patch the open redirect vulnerability.
Also you're saying this like its a bad thing that someone would be prompted to patch an open redirect.
-
- Posts:296
- Joined:Mon Nov 23, 2015 6:43 pm
- Contact:
Re: Submissions for chase.com and mcafee.com
That's a good example with Google. I guess I see why they're considered XSSLewis wrote:As long as you can redirect it to a uri instead of an actual website i'd class this as xss, theres a reason google hasn't patched the open redirect vulns on their site because it doesnt allow a redirect to data: or a javascript: url
That's not what I'm saying. I simply meant if the open redirects were patched with validation etc it would inadvertently patch the XSS vulnerability tooret2libc wrote:OWASP considers it as XSS.
Also you're saying this like its a bad thing that someone would be prompted to patch an open redirect.
But, thanks for sharing the OWASP links and like I said to Lewis, I can now see why they're considered XSS. I'm fairly new to app sec so discussions like this are very beneficial for me!
Who is online
Users browsing this forum: No registered users and 2 guests