FirstBlood-#134 — Open redirect on /drpanel/logout.php
This report has been reviewed and accepted as a valid vulnerability on FirstBlood!
On 2021-05-10, 0xblackbird reported:
Hello! I found an open redirect on
logout.php. So far, I wasn't unfortunately been able to escalate it unfortunately. But if I do find another way to escalate this issue, I will make sure to update this report.
Proof of concept url
Steps to reproduce
- Visit the proof of concept url,
- You'll see that it will redirect us to https://example.com . This happend because the filter checks for several things but not the host.
Have a nice day!
This report has been publicly disclosed for everyone to view
FirstBlood ID: 1
Vulnerability Type: Open Redirect
There is an open url redirect vulnerability on /logout.php. The code expects it to start with / and does not allow to redirect to external domains but this can be bypassed.
Respect Earnt: 1000000
is an experimental cryptocurrency based on the Ethereum blockchain with the mission to show respect to those who deserve it. We are testing it out on our FirstBlood hackevent.