An old story of a bug I uncovered and reported to Razer’s vulnerability disclosure programme resurfaced recently while I was chatting with Linus Särud. Back in 2017, I uncovered a snippet of JavaScript code on deals.razerzone.com which handled redirection after a user logged in. // let rurl = document.location.href; if (razerUserLogin) { rurl=rurl.split("rurl=")[1]; location.href= decodeURIComponent(rurl); } The code extracted the value from the rurl GET parameter, and redirected the user ...
