| Title | Freshworks Inc freshwork v1.2.3 Open Redirect |
|---|
| Description | Vulnerability Description
A GET-based Open Redirect was identified in the logout functionality of Freshwork Product v1.2.3. The application's logout endpoint accepts a post_logout_redirect_uri parameter from the query string and uses it directly to construct the destination URL after logout, without sufficient validation or sanitization.
This allows an attacker to craft a malicious link that, when clicked, logs the user out and then redirects them to an attacker-controlled site. Such behavior can be abused for phishing campaigns, session termination attacks, or to trick users into trusting a malicious site.
Steps to reproduce:
1. Make a GET request to the URL below, setting the post_logout_redirect_uri parameter to any attacker-controlled domain; the response redirects to the specified domain.
https://[organization_name].myfreshworks.com/api/v2/logout?post_logout_redirect_uri=https://evil.com |
|---|
| Source | https://drive.google.com/file/d/1U-xaC1pqnregoZGefyNAykhUnvnuG6hb/view?usp=sharing |
|---|
| User | kushkira (UID 60170) |
|---|
| Submitted | 2025-08-25 10:27 AM (10 months ago) |
|---|
| Moderation | 2025-09-10 02:44 PM (16 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 323487 [Freshwork up to 1.2.3 /api/v2/logout post_logout_redirect_uri Redirect] |
|---|
| Points | 20 |
|---|
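The report describes the classic pattern behind this class of bug: a post-logout redirect parameter copied straight into the Location target. The following is an added illustration, not code from the report, from Freshworks, or from the Freshwork product. It contrasts the unsafe pattern with an allowlist check and goes beyond the single `https://evil.com` payload in the report to the bypasses a reviewer would test against any fix (scheme-relative `//evil.com`, userinfo tricks, suffix-matching hosts, backslash variants, non-https schemes). The tenant host `acme.myfreshworks.com`, the allowlist, the default landing page and all function names are assumptions chosen for the example.

```python
from typing import Optional
from urllib.parse import urlsplit

# Constructed values for the example; none of these come from the report
# or from Freshworks configuration.
TENANT_HOST = "acme.myfreshworks.com"
DEFAULT_POST_LOGOUT = f"https://{TENANT_HOST}/login"
ALLOWED_REDIRECT_HOSTS = {TENANT_HOST}


def vulnerable_logout_target(post_logout_redirect_uri: Optional[str]) -> str:
    """The pattern the report describes: the query parameter becomes the
    Location target as-is, so any attacker-chosen URL is honoured."""
    return post_logout_redirect_uri or DEFAULT_POST_LOGOUT


def is_safe_post_logout_redirect(uri: str, allowed_hosts=ALLOWED_REDIRECT_HOSTS) -> bool:
    """Allowlist check for a post-logout redirect target.

    Accepts only (a) a same-origin absolute path, or (b) an https URL whose
    host is exactly one of the allowed hosts. Everything else is rejected.
    """
    # Backslashes and control characters are rejected outright: browsers treat
    # "/\\evil.com" and "https:/\\evil.com" as authority separators, and
    # urlsplit() would otherwise classify them as harmless paths.
    if not uri or "\\" in uri or any(ord(c) < 0x20 for c in uri):
        return False
    parts = urlsplit(uri)
    if parts.scheme == "" and parts.netloc == "":
        # Relative reference. "//evil.com" never lands here because urlsplit
        # assigns it a netloc, so only a genuine same-origin path passes.
        return parts.path.startswith("/")
    if parts.scheme != "https":
        # Covers http://, javascript:, data: and scheme-relative "//host".
        return False
    host = parts.hostname  # lower-cased; userinfo and port already stripped
    # Exact match only: "acme.myfreshworks.com.evil.com" and
    # "acme.myfreshworks.com@evil.com" both fail here.
    return host is not None and host.rstrip(".") in allowed_hosts


def hardened_logout_target(post_logout_redirect_uri: Optional[str]) -> str:
    """Use the supplied target only if it passes the allowlist; otherwise
    fall back to a fixed, trusted landing page instead of echoing input."""
    if post_logout_redirect_uri and is_safe_post_logout_redirect(post_logout_redirect_uri):
        return post_logout_redirect_uri
    return DEFAULT_POST_LOGOUT


if __name__ == "__main__":
    # The report's payload against both handlers.
    print(vulnerable_logout_target("https://evil.com"))
    print(hardened_logout_target("https://evil.com"))
```

The key design choice is the fallback: on rejection the handler redirects to a fixed page rather than returning an error, so a broken or malicious link still logs the user out cleanly without sending them off-site. Matching the host exactly (rather than with `startswith` or `endswith`) is what defeats the suffix and userinfo variants.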