Open Redirect in Flattr
June 11, 2020
This bug in Flattr was a low-impact Open Redirect: the `redirect` parameter on the Twitter connect endpoint was not validated, so an attacker could send the victim to an arbitrary external site after the victim authorized the Twitter connection.
PoC
Visit the URL:
https://flattr.com/settings/connect/twitter?redirect=https://eval.blog
After authorization, the user is redirected to eval.blog.
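The server-side check that closes this class of bug, written here as an added example (not Flattr's code): a `redirect` value is accepted only if it is a relative path on the site or an absolute URL on the site's own host; anything else, including protocol-relative `//host` and backslash variants, falls back to a default page. The site host and the default target are assumptions.

```python
from typing import Optional
from urllib.parse import urlsplit, urlunsplit

# Assumed values for this example: the host that issues the redirect and
# the page to land on when the requested target is not acceptable.
SITE_HOST = "flattr.com"
DEFAULT_TARGET = "/settings"


def safe_redirect_target(redirect: Optional[str], site_host: str = SITE_HOST) -> str:
    """Return a redirect target that stays on site_host, or DEFAULT_TARGET.

    Rejected: absolute URLs to other hosts, non-http(s) schemes,
    protocol-relative '//host' paths, and '\\' variants that browsers
    normalise to '/'. Same-host absolute URLs are reduced to their path.
    """
    if not redirect:
        return DEFAULT_TARGET

    # Browsers treat '\' like '/' when locating the authority part, so
    # normalise before parsing; otherwise '/\host' passes a leading-slash check.
    candidate = redirect.replace("\\", "/")
    parts = urlsplit(candidate)

    if parts.scheme or parts.netloc:
        # Absolute or protocol-relative URL: allow only http(s) on our exact
        # host (a port or userinfo in netloc makes it mismatch and be rejected).
        if parts.scheme not in ("http", "https") or parts.netloc.lower() != site_host:
            return DEFAULT_TARGET
        # Drop scheme and host; keep path, query and fragment.
        return urlunsplit(("", "", parts.path or "/", parts.query, parts.fragment))

    # Relative target: require exactly one leading slash. '///host' parses
    # with an empty netloc, so the '//' prefix check catches it here.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return DEFAULT_TARGET
    return candidate


if __name__ == "__main__":
    # The value from the PoC above is rejected; an on-site path is kept.
    print(safe_redirect_target("https://eval.blog"))        # /settings
    print(safe_redirect_target("/settings/connect/twitter"))  # /settings/connect/twitter
```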