URL Redirection to Untrusted Site 'Open Redirect'
Description
The application builds a redirect target from user-supplied input, which allows an open redirect. Open redirects are commonly abused in phishing attacks: the link the victim sees points at the legitimate domain, but following it redirects the browser to a site the attacker controls.
Examples
Insecure Code
```csharp
// The target is taken verbatim from the request, so any URL can be supplied.
return Redirect(userInput);
```
Secure Code
```csharp
// Fixed server-side allow-list; the client only chooses an index into it.
var targetUrls = new[] { "https://example.com", "https://example.org" };
if (!int.TryParse(userInput, out var index) || index < 0 || index >= targetUrls.Length)
    return BadRequest();
return Redirect(targetUrls[index]);
```
Remediation
Never build a redirect target from user input. Keep the list of allowed targets server-side and let the client choose one by a numeric index that is parsed and bounds-checked before use; anything outside the list gets an error or a fixed fallback page. Where a relative "return URL" must be accepted (for example after login), verify that it is local to the site (ASP.NET's `Url.IsLocalUrl`, or `LocalRedirect`, which throws for non-local values) and reject values that begin with `//` or `/\`, which browsers treat as a protocol-relative URL on another host.
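The two checks above, index lookup into a server-side allow-list and a same-site relative-path test, as an added stand-alone example (not code from the original page or from any particular scanner). The target list, the helper names `FromIndex` and `IsLocalPath`, and the attacker-style inputs in `Main` are constructed for illustration; the path test mirrors the rule ASP.NET's `Url.IsLocalUrl` applies but is a plain function so it runs outside a web host.

```csharp
using System;

// Added example: resolves a user-supplied redirect selector against a
// server-side allow-list instead of redirecting to whatever was supplied.
public static class RedirectTargets
{
    // Allow-listed absolute targets (constructed). The client never sends a
    // URL; it sends an index into this array.
    private static readonly string[] Targets =
    {
        "https://example.com/",
        "https://example.org/welcome",
    };

    // Where the client lands when the selector is missing or out of range.
    public const string Fallback = "/";

    // Resolves an index selector ("0", "1", ...) to an allow-listed URL.
    // Anything that is not a valid, in-range integer maps to Fallback.
    public static string FromIndex(string selector)
    {
        if (int.TryParse(selector, out var i) && i >= 0 && i < Targets.Length)
            return Targets[i];
        return Fallback;
    }

    // Accepts only a same-site relative path: exactly one leading "/", not
    // "//host" or "/\host" (both read as another host by browsers), and no
    // control characters. This mirrors the Url.IsLocalUrl rule.
    public static bool IsLocalPath(string url)
    {
        if (string.IsNullOrEmpty(url) || url[0] != '/') return false;
        if (url.Length > 1 && (url[1] == '/' || url[1] == '\\')) return false;
        foreach (var c in url)
            if (char.IsControl(c)) return false;
        return true;
    }

    public static void Main()
    {
        // Constructed selector values an attacker might send in place of "1".
        string[] selectors = { "1", "7", "-1", "https://evil.example", "" };
        foreach (var s in selectors)
            Console.WriteLine($"index \"{s}\" -> {FromIndex(s)}");

        // Constructed returnUrl values; only the first should be accepted.
        string[] returnUrls =
        {
            "/account",
            "//evil.example",
            "/\\evil.example",
            "https://example.com.evil.example/",
            "/login\r\nLocation: https://evil.example",
        };
        foreach (var r in returnUrls)
            Console.WriteLine($"local \"{r.Replace("\r\n", "\\r\\n")}\" -> {IsLocalPath(r)}");
    }
}
```

In a controller you would call `Redirect(RedirectTargets.FromIndex(selector))` for the index case and `LocalRedirect(returnUrl)` only after `IsLocalPath` (or `Url.IsLocalUrl`) has returned true; note that an exact host match against the allow-list is what keeps `example.com.evil.example` out, since a `StartsWith` or `Contains` check on the string would accept it.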
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0448 |
| Category | Web |
| Severity | HIGH |
| CWE | CWE-601 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | open redirect, phishing, unvalidated redirects |
| OWASP | A1:2017-Injection, A03:2021-Injection |