Open redirect vulnerabilities: definition and preventionWritten by Russ McRee, HolisticInfoSec.org
Sunday, 6 July 2008
The 17th issue of (IN)SECURE Magazine, includes Russ's article about open redirect vulnerabilities:
"An open redirect is a vulnerability that exists when a script allows redirection to an external site by directly calling a specific URL in an unfiltered, unmanaged fashion, which could be used to redirect victims to unintended, malicious web sites."
Covers in detail the open redirects by providing info on real-world examples, prevention solutions and the relation with PCI-DSS standards.
Share this content: