Hackerone was vulnerable to URL Redirection vulnerability i reported this URL redirection vulnerability before 2-3 days, but the hackerone rejected me and changed the status to non-applicable with following reply.
But the main thing is that what if i make a phishing page of Hackerone and redirect h1 user to hackerone.com../..@h1phishingsite.com then this must be a security issue.
The bad thing is, after saying me that it is non applicable,the hackerone team fixed it. So, if it is non applicable, so why they fixed it...
No comments:
Post a Comment