Open Redirection In URL
Impact: High
Description
Unvalidated redirects and forwards are possible when a web application accepts untrusted input that could cause the web application to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. (Source: OWASP)
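The check below is an added example, not code from this page or from Django: an application-level validator for a redirect target taken from untrusted input, shown beside the unvalidated form the description warns about. The `next` parameter, the `ALLOWED_HOSTS` value and all function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only host this application may redirect to (constructed value).
ALLOWED_HOSTS = frozenset({"app.example.com"})


def is_safe_redirect(target, allowed_hosts=ALLOWED_HOSTS):
    """True for rooted same-site paths or http(s) URLs on an allowed host."""
    if not isinstance(target, str) or not target:
        return False
    # Browsers trim whitespace, drop control characters and read "\" as "/",
    # so any of these can turn a harmless-looking value into "//other-host".
    if target != target.strip() or "\\" in target:
        return False
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in target):
        return False
    # "//host/path" is scheme-relative: it leaves the site without a scheme.
    if target.startswith("//"):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    if not parts.scheme and not parts.netloc:
        return target.startswith("/")  # plain same-site path
    if parts.scheme not in ("http", "https"):
        return False  # javascript:, data:, ...
    # .hostname excludes userinfo and port, so "allowed@other-host" fails here.
    return parts.hostname in allowed_hosts


def redirect_target_unvalidated(next_param):
    """Weak form: whatever the request supplied becomes the Location header."""
    return next_param


def redirect_target(next_param, default="/"):
    """Hardened form: fall back to a fixed page when validation fails."""
    return next_param if is_safe_redirect(next_param) else default


if __name__ == "__main__":
    # Constructed sample values for a hypothetical "next" query parameter.
    for value in ("/account/settings", "//evil.example/login",
                  "https://app.example.com@evil.example/", "https:evil.example"):
        print(f"{value!r:45} -> {redirect_target(value)!r}")
```

Django projects can use the framework's `django.utils.http.url_has_allowed_host_and_scheme` for this check. A flaw in the framework's own redirect handling is addressed by the update recommended on this page, not by application code.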
Recommendation
Update Django
References
- django
- OWASP: Unvalidated Redirects and Forwards Cheat Sheet
- CVE-2018-14574
- OWASP 2017-A9
- OWASP 2021-A6
- CWE-601
- OWASP 2013-A10
- OWASP 2021-A1
- CWE-20
- OWASP 2021-A3
Last updated on February 07, 2022