search

Open Redirects

circle-info

An open redirect is a vulnerability where a web application allows an attacker to redirect users to an arbitrary, untrusted URL.

triangle-exclamation

This can be exploited for phishing attacks, where users are tricked into visiting malicious websites that steal sensitive information.

circle-check

Validate and restrict URL parameters to allow only trusted, predefined URLs for redirection.

hashtag
Example

The example below is based on PostSwigger's DOM-based open redirectionarrow-up-right lab.

If we perform a code review at the front-end code, we will notice the the Back to Blog button searches a regex pattern (http:// or https://) and if it redirects to it if one is found (Figure 1).

Figure 1: Performing frond-end code review.

As a result, we can pass a url parameter ourselves redirecting to the exploit server (Figure 2).

Figure 2: Exploiting an Open Redirect vulnerability.
PreviousMass AssignmentNextOpenFire

Last updated