Open Redirect in blogifierdotnet/blogifier
Apr 12th 2022
An Open Redirect vulnerability enables an attacker to redirect victims/users to malicious websites. The bug exists due to an improper fix of https://huntr.dev/bounties/bac0b763-730c-4c4b-8b20-eb4926928cf3/. By using a double / it is possible to bypass the check for http at the beginning of the URL and get an open redirect.
Proof of Concept
The URL below is vulnerable to an open redirect after login. It will redirect the user to an arbitrary site.
Open redirect to any site
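
An added example, not Blogifier's code or part of the original report: a C# comparison of a prefix test for `http`, which lets a double-slash value through, with an allow-list check that accepts only same-site paths. The method names, the shape of the weak check and the example.com sample values are assumptions constructed for illustration.

```csharp
using System;

public static class ReturnUrlCheck
{
    // Assumed shape of the incomplete fix: reject only values that start with "http".
    public static bool WeakIsSafe(string url) =>
        !string.IsNullOrEmpty(url) &&
        !url.StartsWith("http", StringComparison.OrdinalIgnoreCase);

    // Allow-list form: accept only a path on this site.
    public static bool IsLocalPath(string url)
    {
        // Must be a rooted path such as "/admin/posts".
        if (string.IsNullOrEmpty(url) || url[0] != '/') return false;

        // "//host" and "/\host" are resolved by browsers as another origin.
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\')) return false;

        // Control characters can be dropped by browsers and change how the value parses.
        foreach (char c in url)
            if (char.IsControl(c)) return false;

        return true;
    }

    public static void Main()
    {
        // Constructed sample values; example.com stands in for an external site.
        string[] samples = { "/admin/posts", "http://example.com", "//example.com", "admin" };

        foreach (string s in samples)
            Console.WriteLine($"{s,-22} weak={WeakIsSafe(s),-5} local={IsLocalPath(s)}");
    }
}
```

In ASP.NET Core, `Url.IsLocalUrl` and `LocalRedirect` provide this kind of check in the framework, so a post-login redirect can use them instead of a hand-written prefix test.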