Open Redirect in archivy/archivy
Feb 16th 2022
The login page accepts a `next` parameter and redirects to it after authentication without checking that the target belongs to the application itself, which results in an Open Redirect vulnerability.
Proof of Concept
Install local service for testing
- Step 1: Go to http://127.0.0.1:5000/login?next=%2F%2fevil.com (the `next` value decodes to `//evil.com`, a protocol-relative URL).
- Step 2: Enter valid credentials; after logging in you will be redirected to evil.com.
- PoC: https://drive.google.com/file/d/1mwGtImU2srYZ_3FlHQBrAJFzt3PyZQzM
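The check that the PoC above shows is missing, as an added example (this is illustrative code, not archivy's own code or its fix): a stdlib-only validator for a Flask-style `next` parameter, beside the unchecked behaviour the PoC exploits. It assumes the application is served at the PoC host `http://127.0.0.1:5000/` and that `next` has already been URL-decoded by the framework (so `%2F%2fevil.com` arrives as `//evil.com`). Beyond the protocol-relative case in the PoC, it also rejects absolute URLs, non-http(s) schemes, and backslash variants such as `/\evil.com`, which browsers normalise to `//evil.com`.

```python
from urllib.parse import urljoin, urlparse

# Assumed application origin, taken from the PoC's local test host.
HOST_URL = "http://127.0.0.1:5000/"


def is_safe_redirect_target(target, host_url=HOST_URL):
    """Return True only if `target` resolves to a path on our own host.

    `target` is the already URL-decoded value of the `next` parameter
    (what Flask's request.args.get("next") would hand back).
    """
    if not target:
        return False
    # CR/LF/NUL could smuggle headers; browsers treat "\" like "/", so
    # "/\evil.com" becomes "//evil.com" client-side even though urlparse
    # keeps it as a same-site path. Reject all of them outright.
    if any(c in target for c in "\r\n\x00\\"):
        return False
    host = urlparse(host_url)
    if not host.netloc:
        return False
    # Resolve relative targets against our origin, then compare hosts.
    # "//evil.com" resolves to "http://evil.com" and fails the comparison.
    resolved = urlparse(urljoin(host_url, target))
    if resolved.scheme not in ("http", "https"):
        return False
    return resolved.netloc == host.netloc


def vulnerable_next_redirect(next_param):
    """Unchecked behaviour: whatever the client supplied is used as-is."""
    return next_param or "/"


def hardened_next_redirect(next_param):
    """Hardened behaviour: anything that is not a same-host path falls back to '/'."""
    return next_param if is_safe_redirect_target(next_param) else "/"


if __name__ == "__main__":
    for candidate in ["/", "/dashboard", "//evil.com", "https://evil.com/",
                      "/\\evil.com", "javascript:alert(1)",
                      "http://127.0.0.1:5000@evil.com"]:
        print(f"{candidate!r:40} vulnerable -> {vulnerable_next_redirect(candidate)!r:40} "
              f"hardened -> {hardened_next_redirect(candidate)!r}")
```

Comparing the full `netloc` (host plus port) rather than only the hostname also catches userinfo tricks such as `http://127.0.0.1:5000@evil.com`, whose netloc is `127.0.0.1:5000@evil.com` and therefore does not match.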
An attacker can send a victim a link to the legitimate login page with a crafted `next` value; after the victim authenticates, the application itself redirects them to an attacker-controlled site, which makes the redirect useful for phishing.
An archivy/archivy maintainer validated this vulnerability a year ago
nhiephon has been awarded the disclosure bounty
An archivy/archivy maintainer marked this as fixed in 1.7.0 with commit 2d8cb2 a year ago
This vulnerability will not receive a CVE