Beware of Unvalidated Redirects and Forwards


Unvalidated redirects and forwards is a common problem that occurs when a web application trusts or accepts unsecured input that typically causes the said application to redirect any requests made to a website URL located within the unsecured input. Hackers typically resort to this type of attack to launch phishing scams and make away with sensitive data. This vulnerability has become a serious problem this decade as it can easily exploit unsuspecting users. They are also used as a small part of a chain attack to unleash a set of vulnerabilities, and more often than not, basic security steps will be able to shield users from these attacks.


Related Posts