Open Redirect in microweber/microweber

Valid

Reported on

Feb 13th 2022


Description

An Open Redirect vulnerability enables an attacker to redirect victims/users to malicious websites. This bug exists because the fix for https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25/ was incomplete: supplying the target with an extra slash (https:/// instead of https://) bypasses the previous fix. The server-side check no longer recognises the value as an external URL, but the browser normalises the extra slash away and follows it to the attacker's host.

Proof of Concept

Visit https://demo.microweber.org/demo/api/logout?redirect_to=https:///evil.com

The above URL logs you out and then redirects you to evil.com, even though a plain https://evil.com value is rejected by the earlier fix.
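The bypass works because a validator that only asks "does this URL carry a host, and is it ours?" sees no host at all in https:///evil.com, while browsers normalise the triple slash to https://evil.com. The following is an added example, not Microweber's code (Microweber is PHP; the check is written in Python here so the parsing behaviour can be run directly). The naive check is an assumed, generic pattern of the kind this report bypasses, not the project's actual implementation, and SITE_ORIGIN is an assumed value:

```python
from urllib.parse import urlparse, urljoin

# Assumed origin of the application that issues the redirect.
SITE_ORIGIN = "https://demo.microweber.org"
SITE_HOST = urlparse(SITE_ORIGIN).netloc.lower()


def naive_is_safe_redirect(target: str) -> bool:
    """Assumed flawed pattern (not Microweber's code): allow the target if it has
    no host (treated as a local path) or if its host is our own.

    urlparse("https:///evil.com") yields netloc == "" and path == "/evil.com",
    so the check treats it as a harmless relative path, yet a browser will
    normalise it to https://evil.com and leave the site."""
    parts = urlparse(target)
    if parts.netloc:
        return parts.netloc.lower() == SITE_HOST
    return True


def hardened_is_safe_redirect(target: str) -> bool:
    """Allow-list only same-site absolute paths.

    - Reject anything that parses with a scheme or an authority, which covers
      https://evil.com, https:///evil.com, https:/evil.com and javascript: URLs.
    - Require exactly one leading slash: "//evil.com" is scheme-relative and
      "/\\evil.com" is normalised to "//evil.com" by browsers.
    - Reject control characters that could split the Location header.
    - Finally resolve against our origin and confirm the host did not change.
    """
    if not target or any(ch in target for ch in "\r\n\t\0"):
        return False
    parts = urlparse(target)
    if parts.scheme or parts.netloc:
        return False
    if not target.startswith("/") or target.startswith(("//", "/\\")):
        return False
    if "\\" in target:
        return False
    resolved = urlparse(urljoin(SITE_ORIGIN + "/", target))
    return resolved.scheme == "https" and resolved.netloc.lower() == SITE_HOST


def safe_redirect_target(target: str, default: str = "/") -> str:
    """What a logout handler should send in the Location header: the requested
    path if it passes the hardened check, otherwise a fixed default."""
    return target if hardened_is_safe_redirect(target) else default


if __name__ == "__main__":
    # Constructed sample inputs, including the triple-slash value from this report.
    samples = [
        "/dashboard",
        "https://evil.com",
        "https:///evil.com",
        "https:/evil.com",
        "//evil.com",
        "/\\evil.com",
        "javascript:alert(1)",
    ]
    for s in samples:
        print(f"{s!r:24} naive={naive_is_safe_redirect(s)!s:5} "
              f"hardened={hardened_is_safe_redirect(s)}")
```

Running the script shows the naive check accepting https:///evil.com while rejecting https://evil.com, which is exactly the gap between the first fix and this report; the hardened check refuses every sample except the plain same-site path.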

Impact

This issue can be leveraged for phishing attacks: a link that starts on the trusted site's domain lands the victim on an attacker-controlled page.

We are processing your report and will contact the microweber team within 24 hours. 2 years ago
We have contacted a member of the microweber team and are waiting to hear back 2 years ago
Bozhidar (Maintainer), 2 years ago:

https://github.com/microweber/microweber/commit/99cab88b5a139486db5246112dd8a2635639ce1b

Peter Ivanov validated this vulnerability 2 years ago
kushagrasarathe has been awarded the disclosure bounty
The fix bounty is now up for grabs
Peter Ivanov marked this as fixed in 1.2.11 with commit acfc6a 2 years ago
Peter Ivanov has been awarded the fix bounty
UserManager.php#L258-L277 has been validated
0x2374, 2 years ago:

No bounty?
