Showing posts from January, 2019

A Tricky Open Redirect

  Hello Friends, Today, I'm gonna share one of my coolest finding that how I found an Open-Redirect vulnerability on private site of Bugcrowd. Open Redirect: Open redirect is a security flaw in an app or a web page that causes it to fail to properly authenticate URLs.Open redirect occurs when a web page is being redirected to another URL in another domain via a user-controlled input. How I found Open Redirect vulnerability? In my free time, I was looking for bugs and at the same time, I received an Invitation on Bugcrowd.  I visit the site and registered an account on that site. I can't disclose the website name, so let’s assume So, I found this normal login endpoint ie Next, I try some open redirect payloads on next parameter ie next Url = or next Url =// and others but nothing worked.  I randomly put after next paramter ie https://redacted.c

Tabnapping Vulnerability in Edge Browser [Unpatched]

Hello Friends, Recently, I found a bug in Edge browser which allows hackers to perform TabNapping attack because the browser doesn't support rel="noopener" tag. If you don't know about tabnabbing or tabnapping, then visit this  PoC : Open Edge browser and visit this post [ ] Next, click on the link given below [ ] Your previous tab will be redirected to which proves the vulnerability. You can also check this on Chrome and Firefox. Prevention:   To prevent this, developer should use the complete tag ie rel="nofollow noopener noreferrer". Hope Microsoft will fix this bug and other bugs in Future.