Open Redirect

Description

During the scan, Kayran managed to find the Open Redirect vulnerability.
This problem arises whenever an application takes input and then uses it to redirect the user.
An Open Redirect vulnerability occurs when a web application accepts untrusted input and redirects the request to a URL contained within that input.

An attacker could insert a new URL into the application that can be leveraged to initiate more targeted phishing attacks against the application's users. An attacker could also redirect users to malicious external domains.

Recommendation

Whenever possible, applications should avoid incorporating user-controllable data into redirection destinations.
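
One way to apply this recommendation, shown as an added example that is not part of the original page or the scanner's own code: the client sends a short key that the server maps to a destination, and a stricter fallback accepts only same-site paths where a path must be taken from the request. The names `REDIRECT_TARGETS`, `target_from_key` and `safe_local_path`, and the sample paths, are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical server-side map: the client sends a short key, never a URL.
REDIRECT_TARGETS = {
    "home": "/",
    "profile": "/account/profile",
    "billing": "/account/billing",
}
DEFAULT_TARGET = "/"


def target_from_key(key):
    """Preferred: the destination comes from server-side data only."""
    return REDIRECT_TARGETS.get(key, DEFAULT_TARGET)


def safe_local_path(value):
    """Fallback when a path must be accepted: allow only same-site paths."""
    if not isinstance(value, str) or not value.startswith("/"):
        return DEFAULT_TARGET
    # "//host" is a scheme-relative URL that leaves the site.
    if value.startswith("//"):
        return DEFAULT_TARGET
    # Browsers treat "\" like "/" in URLs, so "/\host" behaves like "//host".
    if "\\" in value:
        return DEFAULT_TARGET
    # Browsers strip tab, CR and LF from URLs, which can hide a "//" prefix.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return DEFAULT_TARGET
    # Defense in depth: the parsed value must carry no scheme and no host.
    parts = urlsplit(value)
    if parts.scheme or parts.netloc:
        return DEFAULT_TARGET
    return value
```

Anything that fails a check falls back to `DEFAULT_TARGET` instead of raising, so a rejected value still sends the user to a page on the same site.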

References

https://cwe.mitre.org/data/definitions/601.html
