By kannthu
The "Office365 Autodiscover - Open Redirect" module is designed to detect an open redirect vulnerability in Office365 Autodiscover. This vulnerability allows an attacker to redirect a user to a malicious site, potentially leading to the disclosure of sensitive information or unauthorized modification of data. The severity of this vulnerability is classified as medium.
This module was authored by dhiyaneshDk.
An open redirect vulnerability in Office365 Autodiscover can have serious consequences. By exploiting this vulnerability, an attacker can trick users into visiting malicious websites, leading to potential data breaches, phishing attacks, or the installation of malware on their devices. This can result in the compromise of sensitive information, unauthorized access to accounts, and other security risks.
The "Office365 Autodiscover - Open Redirect" module sends a GET request to the "/autodiscover/autodiscover.json/v1.0/{randomText}@interact.sh?Protocol=Autodiscoverv1" endpoint. It then applies two matching conditions to determine if the vulnerability is present:
If both conditions are met, the module reports the presence of the open redirect vulnerability in Office365 Autodiscover.
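For reviewing captured responses to this probe, the following is an added example, not the module's own code. The page does not list the two matching conditions, so the check assumes they are a 3xx status and a `Location` header whose host is the domain taken from the address in the request path; the function names and the `probe.example` sample data are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Path format from the module description; the domain after "@" is the
# externally supplied value that a vulnerable endpoint redirects to.
PROBE_RE = re.compile(
    r"^/autodiscover/autodiscover\.json/v1\.0/[^@/]+@([^/?#]+)", re.I
)

# Constructed sample request target (placeholder domain, not from the page).
SAMPLE_TARGET = (
    "/autodiscover/autodiscover.json/v1.0/abc123@probe.example"
    "?Protocol=Autodiscoverv1"
)


def probe_domain(request_target):
    """Return the domain of the address embedded in the probe path, or None."""
    match = PROBE_RE.match(request_target)
    return match.group(1).lower() if match else None


def is_open_redirect(request_host, request_target, status, headers):
    """Assumed conditions: (1) 3xx status, (2) Location host is the probe
    domain or a subdomain of it rather than the host that was queried."""
    domain = probe_domain(request_target)
    if domain is None or not 300 <= status < 400:
        return False
    location = next(
        (v for k, v in headers.items() if k.lower() == "location"), ""
    )
    # urlsplit also resolves scheme-relative targets such as "//host/path".
    host = (urlsplit(location.strip()).hostname or "").lower()
    if not host or host == request_host.lower():
        return False  # relative or same-host redirect stays on the origin
    return host == domain or host.endswith("." + domain)
```

A `True` result on a response from your own Autodiscover host means the redirect target is controlled by the request path, which is the condition the module reports.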