Open Redirection

What is Open Redirection?

Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain.

References

• https://www.youtube.com/watch?v=4Jk_I-cw4WE

• https://blog.detectify.com/2019/05/16/the-real-impact-of-an-open-redirect/

• https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/understanding-and-discovering-open-redirect-vulnerabilities/

• https://github.com/cujanovic/Open-Redirect-Payloads/blob/master/Open-Redirect-payloads.txt

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect