This repository has been archived by the owner on Dec 5, 2023. It is now read-only.
Security - Open Redirection #104
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The website allows open redirection. If you enter a URL of https://socks.weave.works///google.com the application redirects the user to google.com.
This can be used in a phishing attack.
I believe it is tied to how we have configured express.
The text was updated successfully, but these errors were encountered: