Open Redirection found on sub domain of Stackoverflow



On open redirection was found by me on one of the sub-domain of Stackoverflow , A language-independent collaboratively edited question and answer site for programmers. It have a global alexa 54 which means lots of people visit the site daily and using this open redirection vulnerability an attackers can easily redirect the users to a malicious websites which can be used for phishing and similar attacks. Open Redirection occurs when vulnerable web page is being redirected to another web page via a user controllable input.




I reported about the vulnerability to them them and got a quick reply too but the vulnerability is not yet fixed due to which i will not be able to make the whole vulnerabiliy public. But once it is fixed i will surely make it open.