In fact, open redirect is considered a vulnerability commonly involved in phishing attacks.
http://www.owasp.org/index.php/Open_redirect On Wed, Jul 14, 2010 at 6:03 PM, Mario Vilas <[email protected]> wrote: > did you actually try the link? cause it worked for me... > > On Wed, Jul 14, 2010 at 12:14 PM, McGhee, Eddie <[email protected]>wrote: > >> come on what's funny about encoding a url? you don't see this as >> a vuln????? REALLY???? geez peace... >> ------------------------------ >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Marshall >> Whittaker >> *Sent:* 13 July 2010 21:17 >> *To:* [email protected] >> *Subject:* [Full-disclosure] Google auto redirect >> >> I don't really consider this a vulnerability, but it's funny. >> >> >> http://www.google.com/search?q=%79%61%68%6F%6F&ie=ISO-8859-1&source=hp&hl=en&btnI=I%26%2339;%69%6D%2B%46%65%65%6C%69%6E%67%2B%4C%75%63%6B%79 >> >> -- oxagast >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > > -- > HONEY: I want to… put some powder on my nose. > GEORGE: Martha, won’t you show her where we keep the euphemism? > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
