-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
3.2.5
-
PHP 7.2
When a user logs in, or authenticates using the built in Oauth system of phpBB, the redirection URL is not followed nor included following the login process. A user could be in the middle of something and they will always be redirected to the forum main page.
Fixing this could be as easy as including the redirection to the Oauth provider when returning back to phpBB. This may add the vulnerability if the Oauth provider is not trusted and for some reason rewrites the redirection, but that seems unlikely.
- is duplicated by
-
PHPBB-16104 oAuth not working when using direct link to viewtopic.php
- Closed