Summary

Netsparker identified an unexpected redirect response body (two responses).

This generally indicates that, after issuing the redirect, the page did not finish the response as it was supposed to and kept sending content.

Impact
This can lead to serious issues such as authentication bypass in authentication-required pages. In other pages it generally indicates a programming error.
Remediation
  1. Finish the HTTP response after you redirect the user.
  2. In ASP.NET, use Response.Redirect("redirected-page.aspx", true) instead of Response.Redirect("redirected-page.aspx", false).
  3. In PHP applications, call exit() after you redirect the user.
Classifications
CWE-698, ISO27001-A.14.2.5, WASC-25