Open
Problem Statement
Several controllers do not validate redirect targets.
Description
- The `_redirect` parameter can be set arbitrarily.
- So far, no redirects have been identified that exfiltrate sensitive data.
Impact
- Currently no proven exploitation.
- Potential security risk in case of future changes or extensions.
Mitigation
- Enforce an allowlist for redirect targets.
- Require relative URLs only.
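One way to implement the two mitigations above (host allowlist plus relative-URL-only by default). This is an added example, not code from this project; the function name `safe_redirect_target`, the Python implementation and the sample inputs are assumptions. It rejects the usual open-redirect bypasses: protocol-relative targets (`//host`, `///host`), backslash variants that browsers normalize to slashes, scheme-bearing targets, credentials-in-authority tricks (`https://trusted@evil`) and CR/LF or other control characters that could be used for header injection.

```python
import re
from urllib.parse import urlsplit

# Control characters and whitespace never belong in a Location value
# (CR/LF would allow header injection; tabs/spaces are stripped by browsers
# in ways that differ between implementations).
_CTRL_OR_WS = re.compile(r"[\x00-\x20\x7f]")


def safe_redirect_target(target, allowed_hosts=frozenset(), default="/"):
    """Return `target` if it is a safe redirect destination, else `default`.

    Rules (hypothetical policy for this example):
      * relative targets must be a single-slash path: "/path?query#frag"
      * absolute targets are accepted only over https and only when the
        hostname is in `allowed_hosts` (exact, case-insensitive match)
      * anything else (scheme tricks, protocol-relative URLs, backslashes,
        control characters, userinfo in the authority) falls back to `default`
    """
    if not target or _CTRL_OR_WS.search(target):
        return default
    # Browsers treat "\" as "/" in special-scheme URLs, so "/\evil.example"
    # becomes "//evil.example" after normalization. Reject it outright.
    if "\\" in target:
        return default

    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        # Absolute or protocol-relative URL: only https to an allowlisted host.
        if parts.scheme != "https" or parts.hostname is None:
            return default
        if parts.username is not None or parts.password is not None:
            return default
        if parts.hostname not in {h.lower() for h in allowed_hosts}:
            return default
        return target

    # Relative URL: require exactly one leading slash. "//" and "///" are
    # parsed by browsers as authority (a different host); a bare "path"
    # resolves relative to the current URL and is not what a redirect
    # parameter should carry.
    if not target.startswith("/") or target.startswith("//"):
        return default
    return target


if __name__ == "__main__":
    # Constructed sample inputs; the first two are accepted, the rest rejected.
    for t in ["/account/orders", "https://app.example.com/x",
              "//evil.example/", "/\\evil.example", "javascript:alert(1)",
              "https://app.example.com@evil.example/"]:
        print(repr(t), "->", safe_redirect_target(t, {"app.example.com"}))
```

The allowlist is matched on the parsed hostname rather than by string prefix, which is what defeats `https://app.example.com.evil.example/` and `https://app.example.com@evil.example/`. If the application sets `_redirect` itself from a known set of routes, the allowlist can be dropped entirely and only the relative-path branch kept.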