Open redirect vulnerabilities: definition and prevention

Written by Russ McRee

Sunday, 6 July 2008

The 17th issue of (IN)SECURE Magazine includes Russ's article about open redirect vulnerabilities:

"An open redirect is a vulnerability that exists when a script allows redirection to an external site by directly calling a specific URL in an unfiltered, unmanaged fashion, which could be used to redirect victims to unintended, malicious web sites."

The article covers open redirects in detail, providing real-world examples, prevention solutions and the relation to PCI-DSS standards.

