URL redirection Vulnerability in Google & Facebook
A vulnerability is a security breach. URL redirection is kind of fishy.
An open redirect is a vulnerability that exists when a script allows redirection to an external site by directly calling a specific URL in an unfiltered, unmanaged fashion, which could be used to redirect victims to unintended, malicious web sites. A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Vulnerability in Google: – reported in Google by “Ucha Gobejishvili (longrifle0x)”
Vulnerability in Facebook: – Discovered by ZeRtOx from Devitel group
- The user may be redirected to an untrusted page that contains malware which may then compromise the user’s machine.
- The user may be subjected to phishing attacks by being redirected to an untrusted page.
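
The unfiltered redirect described above, next to a validated one, as an added example that is not code from Google, Facebook or the original post. The allow-listed hosts, the fallback path and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: hosts this hypothetical application may redirect to.
ALLOWED_HOSTS = {"www.example.com", "accounts.example.com"}
FALLBACK = "/"  # assumption: safe local landing page


def unfiltered_redirect(user_url):
    """The vulnerable pattern: the parameter goes straight into Location."""
    return 302, {"Location": user_url}


def safe_target(user_url, allowed_hosts=ALLOWED_HOSTS, fallback=FALLBACK):
    """Return user_url only if it stays local or on an allow-listed host."""
    if not user_url:
        return fallback
    # Browsers read "\" as "/" and drop tabs, newlines and leading spaces,
    # so reject such input instead of guessing how it will be parsed.
    if "\\" in user_url or any(ord(c) < 0x21 or ord(c) == 0x7F for c in user_url):
        return fallback
    try:
        parts = urlsplit(user_url)
    except ValueError:
        return fallback
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept a single-slash local path only.
        # "///host" parses with an empty netloc, yet browsers treat it as
        # a host, so any double-slash prefix is refused here.
        if user_url.startswith("/") and not user_url.startswith("//"):
            return user_url
        return fallback
    if parts.scheme not in ("http", "https"):
        return fallback
    # hostname drops "user@" and the port: "trusted@other" yields "other".
    host = (parts.hostname or "").lower()
    return user_url if host in allowed_hosts else fallback


def filtered_redirect(user_url):
    """Hardened form: only a validated target reaches the Location header."""
    return 302, {"Location": safe_target(user_url)}
```

Exact host matching is used on purpose: prefix or substring checks on the URL string are what let look-alike hosts through.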
~~Information shared for awareness purpose~~