Open Redirect

Description

During the scan, Kayran found an Open Redirect vulnerability.
This problem arises whenever an application takes input and then uses it to redirect the user.
An Open Redirect vulnerability occurs when a web application accepts untrusted input that can cause it to redirect the request to a URL contained in that input.

An attacker could insert a new URL into the application, which can be leveraged to initiate more targeted phishing attacks against the application's users. An attacker could also redirect users to malicious external domains.

Recommendation

Whenever possible, applications should avoid incorporating user-controllable data into redirection destinations.
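
One way to apply this recommendation, shown as an added example that is not part of the original page or Kayran's own code: the client sends a short key that selects a destination from a server-side table, and a stricter fallback accepts only same-site paths when a free-form "next" value cannot be avoided. The names `DESTINATIONS`, `redirect_by_key` and `safe_local_path`, and the `example.com` hosts, are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical server-side table: the client sends a key, never a URL.
DESTINATIONS = {
    "home": "/",
    "orders": "/account/orders",
    "docs": "https://docs.example.com/",
}
DEFAULT = "/"


def redirect_by_key(key):
    """Preferred: user input only selects among fixed destinations."""
    return DESTINATIONS.get(key, DEFAULT)


def safe_local_path(target):
    """Fallback for a free-form 'next' value: allow same-site paths only."""
    if not target or not target.startswith("/"):
        return DEFAULT
    # Browsers treat "//host" and "/\host" as protocol-relative URLs.
    if target.startswith("//") or "\\" in target:
        return DEFAULT
    # Control characters (tab, CR, LF) are dropped by URL parsers and
    # could otherwise hide a leading "//".
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return DEFAULT
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        return DEFAULT
    return target


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real scan.
    for value in ["/account/orders?page=2", "https://other.example/",
                  "//other.example/", "/\\other.example/", ""]:
        print(repr(value), "->", safe_local_path(value))
```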

References

https://cwe.mitre.org/data/definitions/601.html
