Open Redirect

Description

An open redirect arises whenever an application takes input and then uses it to redirect the user.

An open redirection vulnerability occurs when a web application accepts untrusted input and, as a result, redirects the request to a URL contained in that input.

Business Impact

An attacker could write a new URL within the application that can be leveraged for more targeted phishing attacks against users of the application.

An attacker could also redirect to a malicious external domain.

Recommendation

Whenever possible, applications should avoid incorporating user-controllable data into redirection destinations.
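
One way to apply this recommendation, shown as an added example rather than code from the original page: the client sends a short key that the server maps to a fixed destination, and a strict same-site path check is the fallback when a path must come from the request. The table contents, function names and the evil.example host are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical destination table: the client sends a short key, never a URL.
DESTINATIONS = {
    "home": "/",
    "profile": "/account/profile",
    "billing": "/account/billing",
}
DEFAULT_TARGET = "/"


def target_from_key(key):
    """Preferred: look the destination up server-side from a fixed table."""
    return DESTINATIONS.get(key, DEFAULT_TARGET)


def is_safe_local_path(value):
    """Fallback when a path must come from the request: same-site paths only."""
    if not value or not value.startswith("/"):
        return False
    # "//host" and "/\host" are treated by browsers as scheme-relative URLs.
    if value.startswith("//") or value.startswith("/\\"):
        return False
    # Control characters (tab, CR, LF) are stripped by browsers and can hide "//".
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        return False
    parts = urlsplit(value)
    return parts.scheme == "" and parts.netloc == ""


def resolve_redirect(value):
    """Return the validated path, or the default when validation fails."""
    return value if is_safe_local_path(value) else DEFAULT_TARGET


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real request log.
    for sample in ["/account/billing", "//evil.example/", "https://evil.example/"]:
        print(repr(sample), "->", resolve_redirect(sample))
```

Rejected values fall back to the default page instead of raising an error, so a tampered link still lands the user inside the application.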

Reference

https://cwe.mitre.org/data/definitions/601.html
