Open Redirect Vulnerability in Netflix Security Monkey

Open Redirect Vulnerability in Netflix Security Monkey

CVE-2017-7266 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the "next" parameter which then redirects to any domain irrespective of the Host header.

Learn more about our Web Application Penetration Testing UK.