Unexpected Redirect Response Body (Two Responses)

Severity: Low
Summary#

Invicti identified an unexpected redirect response body (two responses).

This generally indicates that after redirect the page did not finish the response as it was supposed to.

Impact#
This can lead to serious issues such as authentication bypass in authentication-required pages. In other pages it generally indicates a programming error.
Remediation#
  1. Finish the HTTP response after you redirect the user.
  2. In ASP.NET, use Response.Redirect("redirected-page.aspx", true) instead of Response.Redirect("redirected-page.aspx", false).
  3. In PHP applications, call exit() after you redirect the user.
Classifications#

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works