Description
Unvalidated redirects and forwards occur when a web application accepts untrusted input and uses it, without validation, as the destination URL of a redirect or forward. Attackers exploit this by manipulating the URL input so that users are redirected to malicious sites, leading to phishing scams and credential theft.
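The check below is an added example, not code from Django or from this advisory: a standard-library validator for a user-supplied redirect target. The function names, the `ALLOWED_SCHEMES` constant and the `app.example` host are assumptions made for illustration.

```python
from urllib.parse import urlsplit

ALLOWED_SCHEMES = ("https",)  # assumption: the site is served over HTTPS only


def is_safe_redirect(target, allowed_hosts):
    """Return True only for a local path or a URL on an allowed host."""
    if not isinstance(target, str) or not target:
        return False
    # Browsers treat "\" like "/" and ignore tabs/newlines, so "/\host" or
    # "/\t/host" can leave the site. Reject them along with whitespace.
    if "\\" in target or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        return False
    # "///host" is read by browsers as a scheme-relative URL to "host".
    if target.startswith("///"):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    if not parts.scheme and not parts.netloc:
        # Plain relative reference: accept only site-rooted paths.
        return target.startswith("/")
    if parts.scheme and parts.scheme not in ALLOWED_SCHEMES:
        return False  # javascript:, data:, http: downgrade, ...
    # hostname drops userinfo and port, so "trusted@evil" resolves to "evil".
    return (parts.hostname or "") in allowed_hosts


def safe_redirect_target(target, allowed_hosts, fallback="/"):
    """Value to place in the Location header for a user-supplied target."""
    return target if is_safe_redirect(target, allowed_hosts) else fallback
```

In a Django project, `django.utils.http.url_has_allowed_host_and_scheme` performs this kind of check on `next`-style parameters.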
Recommendation
Update Django
References
- django
- OWASP: Unvalidated Redirects and Forwards Cheat Sheet
- OWASP: Phishing
- CVE-2018-14574
- CWE-601
- CAPEC-194
- CAPEC-310
- OWASP 2021-A1
- OWASP 2021-A6
Related Issues
- Open Redirect in url-parse - CVE-2018-3774
- Open Chinese Convert subject to Denial of Service via Out-of-bounds Read - CVE-2018-16982
- Open redirect in url-parse (GHSA-hh27-ffr2-f2jc) - CVE-2021-3664
- Unvalidated Redirection - Vulnerability
Tags
- Django
- Python
- URL Redirection
- Phishing
Last updated on May 13, 2024