CWE-601: URL Redirection to Untrusted Site ('Open Redirect')


Some web applications redirect the user to a destination taken from request input (for example a "return to" or "next" parameter). If that value is not validated, an attacker can build a link on the trusted domain that sends a victim to a destination of the attacker's choosing, typically a phishing page that borrows the credibility of the legitimate site.

Let's take an example. Given a PHP page that contains the following code:

 * index.php
<?php
// Vulnerable: the attacker-controlled query value is emitted verbatim in the Location header
$redirect_url = $_GET['url'];
header("Location: " . $redirect_url);

The intended behaviour is an internal redirect to another page of the same application. Because the value of url is never validated, however, an attacker can instead use:
Risk measurement

Weakness Prevalence: High
Remediation Cost: Medium
Attack Frequency: Sometimes
Consequences: Code execution, Data loss, Denial of service
Ease of Detection: Easy
Attacker Awareness: Medium
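A hardened replacement for the index.php shown above, as an added example that is not part of the original page. The policy it enforces is an assumption chosen for the example: only path-only targets that stay on the current host are accepted, and everything else falls back to a default page. The function name safe_redirect_target and the default of "/" are likewise the example's own.

```php
<?php
// Added example (not from the original page): a hardened replacement for the
// vulnerable index.php above. Policy assumed here: only path-only targets that
// stay on this application are accepted; anything else falls back to $default.
function safe_redirect_target(string $url, string $default = '/'): string
{
    // Empty value or control characters (CR/LF header injection) -> fallback.
    if ($url === '' || preg_match('/[\x00-\x1F\x7F]/', $url)) {
        return $default;
    }
    // Browsers treat "\" like "/" in URLs, so "/\evil.example" is rendered as
    // "//evil.example", a protocol-relative URL pointing at another host.
    if (strpos($url, '\\') !== false) {
        return $default;
    }
    // Must be path-absolute: exactly one leading "/" followed by something else.
    // This rejects "https://evil.example", "javascript:..." and "//evil.example".
    if ($url[0] !== '/' || (isset($url[1]) && $url[1] === '/')) {
        return $default;
    }
    // Belt and braces: parse_url() must see neither a scheme nor a host.
    $parts = parse_url($url);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $default;
    }
    return $url;
}

// Same entry point as the original, with the target validated before use.
$target = safe_redirect_target($_GET['url'] ?? '');
header('Location: ' . $target, true, 302);
exit;
```

Note that $_GET is already URL-decoded once by PHP, so "%2F%2Fevil.example" arrives as "//evil.example" and is caught by the leading-slash check, while a double-encoded "%252F..." arrives starting with "%" and is rejected for the same reason. Where the set of destinations is known in advance, the stronger design is not to accept a URL at all: pass an opaque key (for example next=account) and resolve it against a server-side table of allowed paths.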