Netsparker detected an open redirect vulnerability in a POST parameter. Open redirect occurs when a web page is being redirected to another URL in another domain via a user-controlled input.

Because the vulnerability can be only exploited via POST requests, its impact is very limited and it cannot be directly use for common Open Redirect attacks such as phishing.
  • Where possible, do not use users' input for URLs.
  • If you definitely need dynamic URLs, use whitelisting. Make a list of valid, accepted URLs and do not accept other URLs.
  • Ensure that you only accept URLs those are located on the trusted domains.
WASC-38, OWASP 2013-A10
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Search Category


Search Vulnerability