Open Redirect

Description

During the scan, Kayran found an Open Redirect vulnerability.
This problem arises whenever user-supplied input is used to redirect the user.
An Open Redirect vulnerability occurs when a web application accepts untrusted input and redirects the request to a URL contained in that input.

An attacker could insert a new URL into the application, which can then be leveraged to launch more targeted phishing attacks against the application's users. An attacker could also redirect users to malicious external domains.

Recommendation

Whenever possible, applications should avoid incorporating user-controllable data into redirection destinations.
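
One way to apply this recommendation, shown as an added example that is not part of Kayran's output or of any particular application: the client sends a short key that the server maps to a fixed destination, and where a path must be accepted it is limited to same-site absolute paths. The parameter names (dest, next), the destination table and the evil.example placeholder domain are assumptions made for illustration.

```python
# Added example: names, paths and sample values below are hypothetical.
# Fixed server-side table: the client sends a short key, never a URL.
DESTINATIONS = {
    "home": "/",
    "profile": "/account/profile",
    "billing": "/account/billing",
}
DEFAULT = "/"


def resolve_by_key(key):
    """Preferred: the destination contains no user-controllable data."""
    return DESTINATIONS.get(key, DEFAULT)


def safe_local_path(target):
    """Fallback when a path must be accepted: same-site absolute paths only."""
    if not isinstance(target, str) or not target.startswith("/"):
        return DEFAULT  # absolute URLs, schemes and bare host names
    if target.startswith("//"):
        return DEFAULT  # scheme-relative URL, which names another host
    if any(ch == "\\" or ord(ch) < 0x20 for ch in target):
        return DEFAULT  # backslashes and control characters browsers may normalise
    return target


def redirect_target(params):
    """Pick the Location value from request parameters (a plain dict here)."""
    if "dest" in params:
        return resolve_by_key(params["dest"])
    return safe_local_path(params.get("next"))


if __name__ == "__main__":
    # Constructed sample requests; evil.example is a placeholder domain.
    for params in ({"dest": "billing"}, {"dest": "https://evil.example/"},
                   {"next": "/account/profile?tab=2"}, {"next": "//evil.example/"},
                   {"next": "https://evil.example/"}, {}):
        print(params, "->", redirect_target(params))
```

Anything that does not match falls back to the default page rather than producing an error, so a rejected value never reaches the Location header.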

References

https://cwe.mitre.org/data/definitions/601.html
