Closed matsza closed 1 year ago
Redirect to link is working even if email model hash was missing in url query. You can generate links that redirect to other pages. Because of this error, my website was used for phishing campaigns.
Example of prepared url: https://example.com/email/n?l=https://google.com
This PR is fixing this by ensuring, that model hash exists and is valid.
Redirect to link is working even if email model hash was missing in url query. You can generate links that redirect to other pages. Because of this error, my website was used for phishing campaigns.
Example of prepared url: https://example.com/email/n?l=https://google.com
This PR is fixing this by ensuring, that model hash exists and is valid.