
Open Redirect in WSO2 Product

Affected Vendor: WSO2
Feb 10, 2020

Medium Severity


A client-side open redirect arises when an application incorporates user-controllable data into the target of a redirection in an unsafe way. In WSO2 Identity Server version 5.9.0, an XSS payload is allowed to redirect the user to an external domain.

Proof of Concept (PoC)

The following vulnerability was tested on WSO2 Identity Server Manager version 5.9.0.

Issue 01: Client-side URL redirection.

Figure 01: Navigating to Policy Administration and clicking the Add New Entitlement Policy link.

Figure 02: Clicking Write Policy in XML opens the URL and the editor.

Figure 03: Entering the domain in the CallbackURL variable.

Figure 04: The entered domain is saved in the DOM object and reflected in the response body.

Figure 05: Forwarding the request and clicking the Cancel button triggers the URL navigation script, which redirects to the custom entered domain.


An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain. This behavior can be leveraged to facilitate phishing attacks against users of the application.
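The Cancel handler described above navigates to whatever value the page holds in CallbackURL. The following is an added example, not WSO2 code, of how such a client-side redirect target can be validated before use; the application origin, the fallback path and the function names are assumptions.

```javascript
// Added example (not WSO2 code): validate a CallbackURL-style value before
// using it as a client-side redirect target. The vulnerable pattern is, in
// effect:   function onCancel() { window.location = callbackUrl; }
// The hardened version resolves the value against the application's own
// origin and only accepts same-origin http(s) targets.

const APP_ORIGIN = "https://idp.example.com";            // assumed app origin
const DEFAULT_TARGET = APP_ORIGIN + "/console/policies";  // assumed fallback

function safeRedirectTarget(rawCallbackUrl, appOrigin = APP_ORIGIN, fallback = DEFAULT_TARGET) {
  if (typeof rawCallbackUrl !== "string" || rawCallbackUrl.trim() === "") {
    return fallback;
  }
  let parsed;
  try {
    // Relative paths resolve against appOrigin. Absolute URLs, including the
    // scheme-relative "//host" and "/\host" forms browsers accept, keep their
    // own origin, so the origin comparison below catches them.
    parsed = new URL(rawCallbackUrl, appOrigin);
  } catch (e) {
    return fallback; // unparsable input never becomes a redirect
  }
  // Only http(s) may be followed: rejects javascript:, data: and similar.
  if (parsed.protocol !== "https:" && parsed.protocol !== "http:") {
    return fallback;
  }
  // Same origin only: scheme, host and port must match the application's.
  // This also rejects "https://idp.example.com@evil.example/", whose real
  // host is evil.example, and http:// downgrades of the app's own host.
  if (parsed.origin !== new URL(appOrigin).origin) {
    return fallback;
  }
  // Strip any credentials that survived on a same-origin URL.
  parsed.username = "";
  parsed.password = "";
  return parsed.href;
}

// Cancel handler using the validated target. The browser call is guarded so
// the code also loads outside a browser; the chosen target is returned.
function onCancel(rawCallbackUrl) {
  const target = safeRedirectTarget(rawCallbackUrl);
  if (typeof window !== "undefined") window.location.assign(target);
  return target;
}
```

An allowlist of additional trusted origins can be compared against `parsed.origin` in the same place if cross-origin callbacks are a legitimate requirement.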


Download and apply the relevant fixes based on the change