Open redirection in 99design


This post is published by Bug Bounty POC at the request of Danyal Zafar as a guest writer. Note that the post is written by Danyal Zafar, and any mistakes in the writing are his alone. We allow anyone to write content on our blog as a guest so that others can also learn. If you're interested in sharing your findings through the Bug Bounty POC platform, contact us on our Facebook group or via email.

Hello Bug Bounty POC viewers, my name is Daniyal Zafar and this is my first write-up on the Bug Bounty POC platform. Today I will share an open redirection in 99designs. I was really surprised by this bug, because I've seen a lot of websites but I can't forget this implementation of password reset. I was looking for XSS, CSRF and similar bugs in 99designs. Meanwhile I wanted to log in and, as most of us normally do, I had forgotten my password, so I tried to reset it. In the process I looked at the URI, and it had some parameters (as you can see, I've replaced one parameter with . Then I reloaded and everything seemed well and good. I typed my email and sent the password reset request. I was excited to see that the link 99designs sent me contained the same parameter value. I clicked on the link and went through the usual process of entering the new password twice, and to my surprise, upon submitting the request I was redirected to
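The root cause described above is a post-reset redirect target taken verbatim from a request parameter and carried through the emailed link. The following is an added example (not code from the post or from 99designs) showing that pattern next to a hardened version that only accepts same-application paths; the parameter name `next`, the origin `https://app.example` and the default landing path are assumptions.

```python
from urllib.parse import urlsplit, urlunsplit

APP_ORIGIN = "https://app.example"   # constructed placeholder origin, not the real site
DEFAULT_AFTER_RESET = "/account"     # assumed landing page after a successful reset


def vulnerable_after_reset_redirect(next_param: str) -> str:
    """The pattern from the write-up: the redirect parameter is persisted into the
    reset link and used as-is once the new password has been set."""
    return next_param or DEFAULT_AFTER_RESET


def is_local_path(value: str) -> bool:
    """True only for a path on this application: a single leading '/', not
    protocol-relative ('//host'), and no host smuggled via a backslash
    (browsers treat '\\' like '/' in the Location header)."""
    if not value.startswith("/") or value.startswith("//") or value.startswith("/\\"):
        return False
    parts = urlsplit(value.replace("\\", "/"))
    return parts.scheme == "" and parts.netloc == ""


def hardened_after_reset_redirect(next_param: str) -> str:
    """Accept only same-application targets; everything else falls back to the default.
    An absolute URL on our own origin is reduced to its path+query so the host part
    never reaches the Location header."""
    if not next_param:
        return DEFAULT_AFTER_RESET
    # Browsers strip ASCII tab/newline from URLs, so strip them before checking.
    candidate = "".join(ch for ch in next_param if ch not in "\t\r\n").strip()
    if is_local_path(candidate):
        return candidate
    parts = urlsplit(candidate)
    if parts.scheme in ("http", "https") and parts.hostname == urlsplit(APP_ORIGIN).hostname:
        # 'hostname' ignores userinfo, so 'https://app.example@evil.example/' does not match.
        local = urlunsplit(("", "", parts.path or "/", parts.query, ""))
        if is_local_path(local):   # re-check: path '//evil.example' would still escape
            return local
    return DEFAULT_AFTER_RESET
```

The vulnerable function returns whatever it is given, so a crafted reset link sends the user off-site right after a successful password change; the hardened one lands on the default page for every such value.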

Open redirection in 99design Video POC:

Happy Sharing !


3 Responses

  1. Sharonda Chu says:

    You made a number of good points there. I did a search on the topic and found the majority of persons will have the same opinion with your blog.

  2. I just want to mention I am just a newbie to blogs and actually loved your blog site. More than likely I want to bookmark your website. You amazingly come up with beneficial writings. Thank you for revealing your blog site.

  3. Khalid Amin says:

    How did you contact 99designs?!
