Twitter Analytics Open Redirect

Twitter Analytics suffers from an open redirection vulnerability that can assist in phishing attacks.


MD5 | b858a12b83a7ea59bdac1ce37580e2f8

================================================================================Twitter Analytics Open Redirect Vulnerability  
================================================================================





# Credit by Asheesh Anaconda

Description

An open redirect vulnerability exists in Twitter Analytics that could
lead to spoofing. To exploit the vulnerability, an attacker could send a
link that has a specially crafted URL and convince the user to click the
link.


Steps To Reproduce:

Replace the phishing url with any website
http://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&&rd=<phishing
url>
http://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&&rd=https://www.google.com

Related Posts