- AKA : Unvalidated Redirects & Forwards
Theory
Defination
Open redirects happen when the web application takes an untrusted input and redirects a user from the web application to untrusted site or resources that will be used further for malicious purposes.
Impact
The impact for Open Redirect is usually low, unless you are using it to escalate other vulnerabilities.
Troubles while exploiting
Sometime the application may have some security measures in place where the developers define a list of either trusted or untrusted resources.
In some cases, you may be able to bypass it, if you fully understand how it works.
- Filtering and Bypasses
Payloads to try
https://jaysoni.org
https://www.google.com@jaysoni.org
https://jaysoni.org.www.google.com