Open redirect via HTML file upload

If an application allows uploading HTML files and later serves them from a trusted domain, an attacker can upload an HTML page that immediately redirects visitors to an external site (e.g., for phishing).

Example (meta refresh redirect)

```html
<!DOCTYPE html>
<html>
  <head>
    <!-- meta refresh with a delay of 0 seconds: the browser navigates to the URL as soon as the page loads -->
    <meta http-equiv="refresh" content="0; url=https://handbook.syslifters.com">
    <title>Redirecting...</title>
  </head>
  <body>
    <!-- fallback link for browsers that do not honour meta refresh -->
    <p>If you are not redirected automatically, <a href="https://handbook.syslifters.com">click here</a>.</p>
  </body>
</html>
```
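The two defensive controls that follow are an added example, not code from the original page: a scanner that flags uploaded HTML whose meta refresh points off the application's own hosts, and a header policy that serves uploads as downloads or plain text instead of rendering them. The trusted host list and the function names are assumptions for illustration; the sample upload is the page's own redirect page.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed: the hosts the application itself serves uploads from (placeholder values).
TRUSTED_HOSTS = {"app.example.org", "uploads.example.org"}

# Constructed sample: the redirect page shown above, as it would arrive in an upload.
SAMPLE_UPLOAD = """<!DOCTYPE html><html><head>
<meta http-equiv="refresh" content="0; url=https://handbook.syslifters.com">
<title>Redirecting...</title></head><body></body></html>"""


class MetaRefreshFinder(HTMLParser):
    """Collects the url= target of every <meta http-equiv="refresh"> tag."""

    def __init__(self):
        super().__init__()
        self.targets = []

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = {k.lower(): (v or "") for k, v in attrs}  # HTMLParser lowercases names already
        if a.get("http-equiv", "").strip().lower() != "refresh":
            return
        # content looks like "0; url=https://..." (URL may be quoted, case varies)
        m = re.search(r"url\s*=\s*['\"]?([^'\";\s]+)", a.get("content", ""), re.IGNORECASE)
        if m:
            self.targets.append(m.group(1))


def find_external_redirects(html_text, trusted_hosts=TRUSTED_HOSTS):
    """Return meta refresh targets whose host is not one of ours (relative URLs are ignored)."""
    parser = MetaRefreshFinder()
    parser.feed(html_text)
    return [t for t in parser.targets
            if urlparse(t).netloc and urlparse(t).netloc.lower() not in trusted_hosts]


def upload_response_headers(filename, content_type):
    """Headers for serving a user upload so that HTML is never rendered in our origin."""
    headers = {"X-Content-Type-Options": "nosniff"}  # stop browsers guessing text/html
    is_html = content_type in ("text/html", "application/xhtml+xml") \
        or filename.lower().endswith((".html", ".htm", ".xhtml"))
    if is_html:
        headers["Content-Type"] = "text/plain; charset=utf-8"   # shown as source, not rendered
        headers["Content-Disposition"] = 'attachment; filename="%s"' % filename.replace('"', "")
    else:
        headers["Content-Type"] = content_type
    return headers
```

Rejecting flagged uploads is a useful early check, but the header policy is the control that actually closes the issue, since a redirect can also be built with script, an `<a>` tag or an obfuscated meta tag that a scanner misses.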