Wednesday, 24 August 2016

Hostgator Open Redirection And Reflected XSS Vulnerability





Host gator was found vulnerable to Open Redirection & Reflected XSS

Vulnerable URL - https://www.hostgator.in/login.php?action=successful_login&newurl=http://google.com

Vulnerable Parameter = newurl

Impact : Allow attackers to trick the users to redirection to other(attacker) domain which can be use for phishing attacks. Etc.


Vulnerability details was notified to Hostgator Team and Successfully fixed by them.

Vulnerability is now fixed.



POC Video - 






No comments:

Post a Comment

Featured post

Yandex IMAP Brute Forcing(No Rate Limit For Login Attempts)

Hello Guyzssss, I am not in bug bounty so much, But while using one of the yandex service, I found that there was no Rate Limit Deploye...

Popular Posts