Open redirect
Medium
Nord Security
Reported by
nickelheck
Vulnerability Details
Technical details and impact analysis
The following URL is vulnerable to an open redirect (it will redirect to google.com):
https://support.nordvpn.com/#/path///google.com
Vulnerable code:
```
<script>
  if (window.location.href.indexOf('#/path') !== -1) {
    console.log("document.URL", document.URL);
    // Everything after '#/path' comes from the URL and becomes the navigation target.
    window.location.href = document.URL.slice(window.location.href.indexOf('#/path') + 6);
  }
</script>
```
## Impact
Users could get redirected to a malicious domain.
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Open Redirect
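
The check the reported snippet lacks, as an added example that is not part of the original report or Nord Security's code: resolve the fragment target the way the browser would, then navigate only if the result stays on the same origin. The function names and the `/hc/en-us` sample path are assumptions made for illustration.

```javascript
// Added example, not the site's code. MARKER comes from the report;
// function names and sample URLs are constructed.
const MARKER = '#/path';

// What the reported snippet ends up navigating to: the text after the
// marker, resolved against the current page as a browser resolves it.
function legacyTarget(href) {
  const i = href.indexOf(MARKER);
  if (i === -1) return null;
  return new URL(href.slice(i + MARKER.length), href).href;
}

// Hardened variant: parse first, compare origins, return a path only.
function safeTarget(href) {
  const i = href.indexOf(MARKER);
  if (i === -1) return null;
  let current, target;
  try {
    current = new URL(href);
    target = new URL(href.slice(i + MARKER.length), current.origin + '/');
  } catch (e) {
    return null; // unparsable input: do not navigate
  }
  // Comparing the parsed origin covers every spelling of a foreign host
  // without pattern-matching on the raw string.
  if (target.origin !== current.origin) return null;
  // Path and query only, so the origin never comes from user input.
  return target.pathname + target.search;
}

// Constructed inputs: the URL from the report and a same-origin path.
const REPORTED = 'https://support.nordvpn.com/#/path///google.com';
const SAME_ORIGIN = 'https://support.nordvpn.com/#/path/hc/en-us';

// Browser usage:
//   const t = safeTarget(window.location.href);
//   if (t !== null) window.location.assign(t);
console.log(legacyTarget(REPORTED), safeTarget(REPORTED), safeTarget(SAME_ORIGIN));
```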