sprotechs.com
pop-up XSS using open redirect - Sprotechs
I was searching for vulnerabilities on a private website. I found a parameter something like site.com/?url=http://site.com/home.php. I was shocked when I changed the parameter to site.com/?url=http://google.com, it redirected to google.com.