A CWE-601 URL Redirection to Untrusted Site...
High severity
Unreviewed
Published
Nov 15, 2023
to the GitHub Advisory Database
•
Updated Nov 15, 2023
Description
Published by the National Vulnerability Database
Nov 15, 2023
Published to the GitHub Advisory Database
Nov 15, 2023
Last updated
Nov 15, 2023
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross site scripting attack. By providing a URL-encoded input
attackers can cause the software’s web application to redirect to the chosen domain after a
successful login is performed.
References