Google’s DoubleClick Advertising Platform Vulnerable to Open Redirect Attacks

Google’s DoubleClick Advertising Platform Vulnerable to Open Redirect Attacks


Although Google does not include Open Redirect vulnerabilities in its bug bounty program, its preventive measures against Open Redirect attackshave been quite thorough and effective to date.


However, Google DoubleClick.net advertising system is vulnerable to Open Redirect Attacks. The vulnerability was found by a security researcher Wang Jing from School of Physical and Mathematical Science, Nanyang Technology University, Singapore.


These redirections can be easily used by spammers, too.


Moreover, these vulnerabilities can be used to attack other companies such as Google, eBay, The New York Times, e.g. by bypassing their Open Redirect filters(Covert Redirect).




http://www.hotforsecurity.com/blog/googles-doubleclick-advertising-platform-vulnerable-to-open-redirect-attacks-10822.html