This check looks at user-supplied input in query string parameters and POST data to identify where open redirects might be possible. Open redirects occur when an application allows user-supplied input (e.g., http://nottrusted.com) to control an offsite redirect. This is generally an accurate way to find where 301 or 302 redirects could be exploited by spammers or phishing attacks.
For example, an attacker could supply a user with the following link: http://example.com/example.php?url=http://malicious.example.com.
To avoid the open redirect vulnerability, parameters of the application script/program must be validated before sending a 302 HTTP code (redirect) to the client browser. Implement safe redirect functionality that only redirects to relative URIs, or to a list of trusted domains.
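The following is an added example of such a safe-redirect validator (not code from the original page or from the scanner it describes). The allow-list TRUSTED_HOSTS and the sample inputs are constructed; the point is that a plain "starts with /" or "contains example.com" check is not enough, so the function also rejects protocol-relative, backslash, userinfo, lookalike-host and non-HTTP inputs.

```python
from urllib.parse import urlsplit

# Constructed allow-list of hosts the application is willing to redirect to.
TRUSTED_HOSTS = {"example.com", "www.example.com"}


def safe_redirect_target(user_url: str, default: str = "/") -> str:
    """Return a redirect target that is either an on-site absolute path or an
    absolute http(s) URL whose host is exactly on the allow-list.
    Anything else falls back to `default` instead of being echoed back."""
    if not user_url:
        return default
    # Browsers treat "/\evil.example" like "//evil.example", so normalise
    # backslashes before parsing; also drop surrounding whitespace.
    candidate = user_url.replace("\\", "/").strip()
    # Embedded control characters (CR/LF, tabs) can split the Location header
    # or smuggle a second URL past naive parsers; refuse them outright.
    if any(ord(ch) < 0x20 or ch == "\x7f" for ch in candidate):
        return default
    try:
        parts = urlsplit(candidate)
    except ValueError:  # e.g. malformed IPv6 literal in the netloc
        return default
    if parts.scheme == "" and parts.netloc == "":
        # Relative reference: allow a single leading "/" only.  "//host" is a
        # protocol-relative URL and lands in the netloc branch below.
        if candidate.startswith("/") and not candidate.startswith("//"):
            return candidate
        return default
    # Absolute URL: only http/https, and the host must match exactly.
    # "http:evil.example" parses with an empty netloc and is rejected here.
    if parts.scheme.lower() not in ("http", "https"):
        return default
    # .hostname is lower-cased and excludes userinfo ("trusted@evil") and port,
    # so "https://example.com@evil.example/" resolves to evil.example.
    host = parts.hostname
    if host is None or host not in TRUSTED_HOSTS:
        return default  # also rejects lookalikes such as example.com.evil.example
    return candidate


if __name__ == "__main__":
    for sample in ("/account", "https://example.com/login", "//evil.example/",
                   "/\\evil.example/", "https://example.com@evil.example/",
                   "javascript:alert(1)", "http:evil.example"):
        print(f"{sample!r:45} -> {safe_redirect_target(sample)!r}")
```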