Multiple Open redirect in sissbruecker/linkding


Reported on Mar 19th 2022


There exist multiple open redirects in the GET parameter return_url. I found them in bookmarks/<int:bookmark_id>/edit, bookmarks/<int:bookmark_id>/remove, bookmarks/<int:bookmark_id>/archive, bookmarks/<int:bookmark_id>/unarchive, and bookmarks/bulkedit.

Proof of Concept

1. Log in to the demo instance
2. Go to
3. You will be redirected to


Open Redirect

We are processing your report and will contact the sissbruecker/linkding team within 24 hours. 2 years ago
We created a GitHub Issue asking the maintainers to create a 2 years ago
sissbruecker/linkding maintainer has acknowledged this report 2 years ago
2 years ago


Thanks for reporting this @noobexploiterhuntrdev. Given the self-hosting scenario I don't think this is super critical, but can be fixed all the same.

Thinking about possible solutions here, how about checking that the redirect URL starts with a slash (/), and if not then redirect to a default route?

2 years ago


Hi. Yeah, that looks like a good fix.
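The check the maintainer proposes above, written out as an added example (this is not linkding's own code and not the fix that shipped in 1.8.6): accept return_url only when it is a path on the same site and fall back to a default route otherwise. The default route, the query-parameter dict, and the extra rejection of protocol-relative forms ("//host", "/\host") are assumptions added here, since a value that merely starts with "/" can still point at another origin.

```python
from urllib.parse import urlsplit

# Assumed fallback route; linkding's real default route is not stated on this page.
DEFAULT_ROUTE = "/bookmarks"


def safe_return_url(return_url, default=DEFAULT_ROUTE):
    """Return `return_url` if it is a path on this site, otherwise `default`.

    Implements the proposed check (value must start with a slash) plus two
    caveats: anything urlsplit parses as having a scheme or host is rejected,
    and so are the protocol-relative forms "//host" and "/\\host", which
    browsers resolve to another origin even though they begin with "/".
    """
    if not return_url:
        return default
    parts = urlsplit(return_url)
    if parts.scheme or parts.netloc:
        return default  # absolute URL such as https://other.example/
    if not return_url.startswith("/"):
        return default  # relative path or garbage
    if return_url[1:2] in ("/", "\\"):
        return default  # //host or /\host
    # Whitespace or control characters have no place in a same-site path.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in return_url):
        return default
    return return_url


def redirect_target(query_params, default=DEFAULT_ROUTE):
    """Pick the post-action redirect from a parsed query-string dict (assumed shape)."""
    return safe_return_url(query_params.get("return_url", ""), default)


if __name__ == "__main__":
    # Constructed sample values, not taken from the report.
    for value in ("/bookmarks/3/edit", "https://other.example/", "//other.example/", "bookmarks"):
        print(repr(value), "->", safe_return_url(value))
```

Django itself ships `django.utils.http.url_has_allowed_host_and_scheme(url, allowed_hosts)` for exactly this decision; the dependency-free version above only exists so the example runs on its own.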

We have contacted a member of the sissbruecker/linkding team and are waiting to hear back 2 years ago
Sascha Ißbrücker validated this vulnerability 2 years ago
noobexploiterhuntrdev has been awarded the disclosure bounty
The fix bounty is now up for grabs
Sascha Ißbrücker marked this as fixed in 1.8.6 with commit edb712 2 years ago
The fix bounty has been dropped