I offers security consulting services within the space of Penetration Testing , Ethical Hacking , Vulnerability Assessments and Security Code and Configuration Reviews ~

SquareUp Open Redirection

During Password resetting, I observe something, that Password token link is redirected first through subscriptions link. where 'r' is the parameter and value can be any website.
Steps To Reproduce:
1- After Password Reset email, Copy Link Address.

2- Address URI look like this: 

Video PoC: 


Remote Presentation Auth_key Issue In Prezi

Remote Presentation Auth_key Problem

Let me explain this issue with the following example.


abc is the presentation _ (1)
123 is second presentation. _ (2)

I start remote Presentation of abc. with constant parameter of all presentations ?follow=r_rk7caxdncs , and Auth_key ngwd219. Now I found someone Auth_key, Even every active Auth_key can start Remote Presentation of every work.
The Impact is so clear from the example. I can use Auth_key of abc with 123 presentation or vice versa. or any Active Auth_key can start the presentation.

One more issue is constant follow parameter in every post.

Gist: https://gist.github.com/zsellera/4fe26ee7c546a4d136f4