Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

Open redirect on https://hq-api.upserve.com/

Medium
U
Upserve
Submitted None

Team Summary

Official summary from Upserve

The return_to parameter on https://hq-api.upserve.com/auth/auth0?prompt=none&return_to= was not validated and allowed an open redirect.

Actions:
View on HackerOne
Reported by b3fa5e9aab949ed4574c10d

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted

Weakness

Open Redirect