Tech
Forums
Jobs
Books
Events
Interviews
Live
More
Learn
Training
Career
Members
Videos
News
Blogs
Login
Sign Up
Ask Question
4
Reply
How to prevent open redirection attacks?
Raja
Feb 22 2017 7:49 AM
914
Reply
Observation
Un-validated Redirect: The login form is vulnerable to un-validated redirect attacks:
Affected URLs: https://example.com/login.aspx?returnURL=https://www.attacker.com
Impact
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Recomendation
Whitelist the redirect URLs and prevent redirection outside parent domain.
i dont know what is the problem is that.and what they saying.
My understading
if login the application that redirect another un- validated page.
How to fix it what is the problem is that
Upload Source Code
Select only zip and rar file.
Post
Reset
Cancel
Answers (
4
)
Next Recommended Forum
how can temporarily save two or more model object Json file?
how to use nhibernate in asp.net web api