Vulnerabilities/

Open Redirection In URL

Severity:: High

Description

Unvalidated redirects and forwards occur when a web application accepts untrusted input that could redirect the user to a URL provided within the input. Attackers exploit this vulnerability by manipulating the URL input to redirect users to malicious sites, leading to phishing scams and credential theft.

Recommendation

Update Django

References

django
OWASP: Unvalidated Redirects and Forwards Cheat Sheet
OWASP: Phishing
CVE-2018-14574
CWE-601
CAPEC-194
CAPEC-310
OWASP 2021-A1
OWASP 2021-A6

Related Issues

Unvalidated Redirection - Vulnerability
Apache mod_jk Access Control Bypass - CVE-2018-11759
Apache Struts OGNL expression RCE S2-057 - CVE-2018-11776
Drupal 'Drupalgeddon2' Remote Code Execution - CVE-2018-7600

Tags:: Django; Python; URL Redirection; Phishing

Anything's wrong? Let us know Last updated on May 13, 2024