$500 Bug Bounty: Open Redirection via OAuth on Shopify
Summary
A vulnerability was discovered in the Shopify OAuth flow that could allow an attacker to redirect users to phishing sites.
The issue lies in how the redirect_uri parameter is validated in the OAuth implementation.
When an invalid scope is passed with the request, the redirect_uri is not properly checked, so users can be redirected to arbitrary external sites, including phishing pages.
The vulnerability was confirmed and rewarded through the Shopify bug bounty program with a $500 award.
This finding highlights how critical strict validation of parameters such as redirect_uri and scope is to securing an OAuth implementation.
To prevent such vulnerabilities, developers should apply the usual precautions: input validation, filtering, and stringent access control, on every code path, including error handling.
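An added illustration of the failure mode described above (example code, not Shopify's): it assumes the invalid-scope error path sent the browser to the caller-supplied redirect_uri before that value had been checked, and shows the ordering that closes the hole. Client ids, scopes and hostnames are constructed sample values.

```python
"""Why redirect_uri must be validated before any branch that redirects,
including the invalid-scope error path. Constructed example, not Shopify code."""
from typing import Optional
from urllib.parse import urlencode, urlsplit

# Constructed registry: each client_id maps to its exact registered redirect URIs.
REGISTERED_REDIRECTS = {
    "app-123": {"https://app.example.com/oauth/callback"},
}
VALID_SCOPES = {"read_products", "write_orders"}


def redirect_uri_allowed(client_id: str, redirect_uri: str) -> bool:
    """Exact string match against the client's registered URIs (RFC 6749 s3.1.2.3)."""
    return redirect_uri in REGISTERED_REDIRECTS.get(client_id, set())


def scope_valid(scope: str) -> bool:
    """Every requested scope must be known; an empty scope is rejected too."""
    requested = set(scope.split())
    return bool(requested) and requested <= VALID_SCOPES


def authorize_vulnerable(client_id: str, redirect_uri: str, scope: str) -> dict:
    """Mimics the flaw: scope is checked first, and the invalid_scope error is
    sent to the caller-supplied redirect_uri without validating it (open redirect)."""
    if not scope_valid(scope):
        return {"redirect": redirect_uri + "?" + urlencode({"error": "invalid_scope"})}
    if not redirect_uri_allowed(client_id, redirect_uri):
        return {"status": 400, "body": "invalid redirect_uri"}
    return {"redirect": redirect_uri + "?" + urlencode({"code": "AUTH_CODE_PLACEHOLDER"})}


def authorize_fixed(client_id: str, redirect_uri: str, scope: str) -> dict:
    """Hardened order: redirect_uri is validated before any branch that can
    redirect, so error responses only ever go to a registered URI."""
    if not redirect_uri_allowed(client_id, redirect_uri):
        # RFC 6749 s4.1.2.1: never redirect when redirect_uri itself is invalid.
        return {"status": 400, "body": "invalid redirect_uri"}
    if not scope_valid(scope):
        return {"redirect": redirect_uri + "?" + urlencode({"error": "invalid_scope"})}
    return {"redirect": redirect_uri + "?" + urlencode({"code": "AUTH_CODE_PLACEHOLDER"})}


def redirect_host(response: dict) -> Optional[str]:
    """Inspection helper: the host the browser would be sent to, or None."""
    return urlsplit(response["redirect"]).hostname if "redirect" in response else None
```

A regression test for an authorization endpoint should include exactly this case: an unregistered redirect_uri combined with an invalid scope must produce an error page, never a Location header.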