Back to directory
WRITEUP #6327

Airbnb – Chaining Third-Party Open Redirect into Server-Side Request Forgery (SSRF) via LivePerson Chat

SSRFOpen redirectPath traversal
by@bbuerhaus(Brett Buerhaus)
Program
Airbnb
Published
Mar 9, 2017
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://buer.haus/2017/03/09/airbnb-chaining-third-party-open-redirect-into-server-side-request-forgery-ssrf-via-liveperson-chat/
RELATED WRITEUPS
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough
AI / LLMAI
IIS welcome page to source code review to LFI!
SSRFLFI
Traccar 5 Remote Code Execution Vulnerabilities
RCEUnrestricted file upload
NTLM Credential Theft in Python Windows Applications
SSRFNTLMv2 hash disclosure

Built with ❤️ by Shubham Rawat