How I found Open Redirect on Hashnode.com

Good day to all bug hunters again. I'm Jefferson Gonzales, and today I will share my findings on Hashnode.com.

On July 30 my friend Shuvam Adhikari posted a writeup on how he got swag from Hashnode.com. After reading his writeup I also tried hunting on Hashnode.com, and I found an Open Redirect vulnerability.

When I logged in to Hashnode.com I noticed this parameter:

https://hashnode.com/login?next=/settings

When I logged in to my account it redirected me to:

https://hashnode.com/settings

Then I changed the value of the ?next= parameter to http://google.com:

https://hashnode.com/login?next=http://google.com

Then I logged in to my account again and it redirected me to Google.com, which confirmed that the parameter is vulnerable to Open Redirect. But there was a problem: only google.com, github.com and facebook.com would work in the redirection; if you put in other domains it would not redirect. I found a way to bypass that filter using \\ (double backslash):

https://hashnode.com/login?next=\\evil.com

When I logged in to my account it redirected me to evil.com, so the filter was successfully bypassed.
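The bypass works because browsers (and the WHATWG URL parser that Node.js also uses) treat a backslash like a forward slash in http(s) URLs, so a `Location` value of `\\evil.com` resolves against the site's own origin to `https://evil.com/`, while a filter that only inspects values starting with `http://` or `//` sees it as a harmless relative path. The following is an added example, not Hashnode's code; the naive filter is my assumption about how the described host allowlist behaved, and `SITE_ORIGIN` is a constructed placeholder. It shows where the browser actually lands and how a hardened check that resolves the value against the site's origin closes the hole:

```javascript
// Added example (not Hashnode's code). SITE_ORIGIN is a constructed placeholder.
const SITE_ORIGIN = 'https://hashnode.example';

// Assumed model of the weak filter described in the post: a short allowlist
// of hosts for absolute URLs, while anything that does not start with a
// scheme or "//" is treated as a relative path and passed through untouched.
function naiveNext(next) {
  const allowed = ['google.com', 'github.com', 'facebook.com'];
  if (/^(https?:)?\/\//i.test(next)) {
    const host = next.replace(/^(https?:)?\/\//i, '').split('/')[0];
    return allowed.includes(host) ? next : '/';
  }
  return next; // "\\evil.com" falls through here as a "relative" path
}

// Where a browser lands when the server answers with this Location value:
// the WHATWG parser resolves it relative to the page it came from.
function browserLands(location) {
  return new URL(location, SITE_ORIGIN).href;
}

// Hardened check: resolve with the same parser the browser uses, then
// require the result to stay on our origin. Backslashes, "//host",
// absolute URLs and non-http schemes (origin "null") all fall back.
function safeNext(next, fallback = '/') {
  let resolved;
  try {
    resolved = new URL(next, SITE_ORIGIN);
  } catch {
    return fallback; // unparsable input
  }
  if (resolved.origin !== SITE_ORIGIN) return fallback;
  // Return only the local part so the redirect can never carry a host.
  return resolved.pathname + resolved.search + resolved.hash;
}

// Sample next= values (constructed) side by side.
const samples = ['/settings', 'http://google.com', 'http://evil.com', '//evil.com', '\\\\evil.com', 'javascript:alert(1)'];
for (const s of samples) {
  console.log(JSON.stringify(s).padEnd(24),
    'naive ->', naiveNext(s).padEnd(20),
    'lands at', browserLands(naiveNext(s)).padEnd(32),
    'safe ->', safeNext(s));
}
```

The useful detection point for defenders is the third column: a value the filter let through as "relative" still lands the browser on another origin. Logging the resolved origin of every `next=` value, rather than the raw string, makes such bypasses visible in access logs.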

Hashnode Appreciation:

Jefferson Gonzales

I'm 18 years old, from the Philippines, a part-time bug bounty hunter and pentester.