TECHNOLOGIES
FORUMS
JOBS
BOOKS
EVENTS
INTERVIEWS
Live
MORE
LEARN
Training
CAREER
MEMBERS
VIDEOS
NEWS
BLOGS
Sign Up
Login
No unread comment.
View All Comments
No unread message.
View All Messages
No unread notification.
View All Notifications
Answers
Post
An Article
A Blog
A News
A Video
An EBook
An Interview Question
Ask Question
Forums
Monthly Leaders
Forum guidelines
Raja
NA
2k
356.7k
How to prevent open redirection attacks?
Feb 22 2017 7:49 AM
Observation
Un-validated Redirect: The login form is vulnerable to un-validated redirect attacks:
Affected URLs: https://example.com/login.aspx?returnURL=https://www.attacker.com
Impact
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Recomendation
Whitelist the redirect URLs and prevent redirection outside parent domain.
i dont know what is the problem is that.and what they saying.
My understading
if login the application that redirect another un- validated page.
How to fix it what is the problem is that
Reply
Answers (
4
)
how can temporarily save two or more model object Json file?
how to use nhibernate in asp.net web api