Mozilla's MozTrap site suffers from an open redirection vulnerability.
# Title: moztrap.mozilla.org URL Redirection Vulnerability
# Discovery Date: 15/04/13 | Release Date: 13/06/13
# Author: Junaid Hussain [ illSecure Research Group ]
# Contact: illSecResearchGroup@Gmail.com | Website: illSecure.com
# Risk: Low
--------------------------------------------------------------------------------------
> Introduction:
The login page on moztrap.mozilla.org requires a user to log in
using Mozilla Persona. Once a user signs in successfully,
they are redirected to the page given in the "?next=" parameter
(example: https://moztrap.mozilla.org/users/login/?next=/results/runs/).
An attacker can change the value of this parameter to redirect
MozTrap and Persona users to malicious sites, such as phishing sites
or sites hosting malware.
> Example of URL Redirection Vulnerability:
https://moztrap.mozilla.org/users/login/?next=http://illsecure.com
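> Added example (not part of the original advisory, and not MozTrap's own code):
One way a login handler can validate the "?next=" value before redirecting,
so that only targets on the site's own host are followed. The function name
safe_next, the "/" fallback and the host argument are assumptions made for
this sketch; it uses only the Python standard library.

```python
from urllib.parse import urlsplit

DEFAULT_NEXT = "/"  # assumed fallback landing page


def safe_next(target, request_host, default=DEFAULT_NEXT):
    """Return target if it stays on request_host, otherwise default."""
    if not target:
        return default
    # Browsers ignore surrounding whitespace and treat "\" like "/",
    # so normalise the value the same way before judging it.
    candidate = target.strip().replace("\\", "/")
    # Embedded control characters (tab, CR, LF, ...) are dropped by
    # browsers and can hide a second slash; refuse them outright.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in candidate):
        return default
    # "//host/path" is scheme-relative: it leaves the site.
    if candidate.startswith("//"):
        return default
    try:
        parts = urlsplit(candidate)
    except ValueError:  # malformed authority, e.g. an unclosed "["
        return default
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a rooted path on this site.
        return candidate if candidate.startswith("/") else default
    # Absolute URL: accept only https on exactly this host. Comparing the
    # whole netloc also rejects "user@otherhost" userinfo tricks.
    if parts.scheme == "https" and parts.netloc.lower() == request_host.lower():
        return candidate
    return default


if __name__ == "__main__":
    host = "moztrap.mozilla.org"
    for value in ("/results/runs/", "http://illsecure.com"):
        print(repr(value), "->", repr(safe_next(value, host)))
```
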
> Proof Of Concept Video:
http://www.youtube.com/watch?v=06N1sWt54qk
- Junaid Hussain - http://illSecure.com - Security Is An Illusion
--------------------------------------------------------------------------------------
Original: http://www.illsecure.com/2013/06/mozilla-moztrap-url-redirection.html