Open redirection in 99design – Bug Bounty POC
This post is published by Bug Bounty POC on the request of Danyal Zafar as a guest writer.Note that the post is written by Danyal Zafar & any mistake in writing will be entertained only from him We allow anyone to write contents on our blog as a guest so other can also learn.If you’re interested in sharing your finding through Bug Bounty POC Platform contact us on facebook group or via email email@example.com.
Hello Bug Bounty POC Viewer my name is Daniyal Zafar and this is my first write up on the platform of Bug Bounty POC.Today i will share an Open redirection in 99design . i was really surprised what that bug because i’ve seen alot of websites but that implementation of password reset i can’t forget it .I was looking for XSS, CSRF etc bugs in 99designs. Meanwhile i wanted to login and i forgot my password as most of us normally do so i tried to reset my password and in the process i looked at the URI and it was having some parameters(as you can see i’ve replaced one parameter with https://facebook.com) .Then i reloaded and everything seemed well & good . i typed my email and sent the password reset request . i was excited to see the link which the 99design sent to me was containing the same parameter value . i clicked on the link and went through the usual process of entering new password twice and to my surprise upon submiting the request i was redirect to facebook.com.
Open redirection in 99design Video POC:
Happy Sharing !