Open Redirection Web Vulnerability Explained

Open Redirection occurs when a vulnerable web page redirects to another web page based on user-controllable input.

Impact

An attacker can use this vulnerability to redirect users to malicious web sites, which can be used for phishing and similar attacks.

Remedy

  • Where possible, do not use users' input for URLs.
  • If you definitely need dynamic URLs, make a list of valid, accepted URLs and do not accept any others.
  • Ensure that you only accept URLs that are located on accepted domains.
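
One way to enforce the accepted-domains rule on the server side, shown as an added example that is not Netsparker's own code. The host names, the default target and the function name `safe_redirect_target` are assumptions made for illustration; the example also allows same-site paths, which goes slightly beyond the list above.

```python
from urllib.parse import urlsplit

# Constructed sample values: hosts this hypothetical application may redirect to.
ALLOWED_HOSTS = {"www.example.com", "accounts.example.com"}
DEFAULT_TARGET = "/"


def safe_redirect_target(value, default=DEFAULT_TARGET):
    """Return value if it is an accepted redirect target, otherwise default."""
    if not value or len(value) > 2048 or value != value.strip():
        return default
    # Browsers drop tabs/newlines and treat "\" like "/", so a URL containing
    # them may be parsed differently by the client than by this check.
    if "\\" in value or any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return default
    try:
        parts = urlsplit(value)
        host = parts.hostname   # lower-cased host without port or userinfo
        _ = parts.port          # raises ValueError on a malformed port
    except ValueError:
        return default
    # Same-site path: no scheme, no authority, exactly one leading "/".
    if not parts.scheme and not parts.netloc:
        if value.startswith("/") and not value.startswith("//"):
            return value
        return default
    # Absolute URL: https only, no userinfo, exact host match (no suffix match).
    if parts.scheme != "https" or "@" in parts.netloc:
        return default
    return value if host in ALLOWED_HOSTS else default


if __name__ == "__main__":
    # Constructed inputs covering accepted targets and common lookalikes.
    for candidate in ["/account?tab=1", "https://accounts.example.com/login",
                      "//other.test/", "https://www.example.com.other.test/",
                      "https://www.example.com@other.test/", "javascript:alert(1)"]:
        print(f"{candidate!r:45} -> {safe_redirect_target(candidate)!r}")
```

The host comparison is an exact match against the set, so a host that merely begins or ends with an accepted name is rejected.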
