Medium Severity
Open redirect: BMW USA
Description
Message contains use of BMW USA's open redirect but the sender is not BMW.
References
No references.
Sublime Security
Created Aug 17th, 2023 • Last updated Aug 17th, 2023
Feed Source
Sublime Core Feed
Source
type.inbound
and sender.email.domain.root_domain not in~ ('bmw.com', 'bmwusa.com')
and any(body.links, .href_url.domain.domain == 't.msg.bmwusa.com' and .href_url.path =~ '/r/')
Playground
Test against your own EMLs or sample data.