What is Redirect?

A redirect happens when the website or web application changes the URL that is accessed in the client (usually external – internal redirects are usually called forwards). There are several ways to do this from the back-end. Usually, redirects are made by sending specific HTTP headers to the client but you can also create redirects, for example, using JavaScript code.

What is Open Redirect?

An open redirect vulnerability exists when the destination of the redirect is provided by the client and it is not filtered or validated. An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain. This behavior can be leveraged to facilitate phishing attacks against users of the application. The ability to use an authentic application URL, targeting the correct domain and with a valid SSL certificate (if SSL is used), lends credibility to the phishing attack because many users, even if they verify these features, will not notice the subsequent redirection to a different domain. In short, if an attacker is able to redirect the user to a malicious website then it can be termed as Open Redirect.

Severity

The severity of Open Redirect Vulnerability can be categorized as P4 with a CVSS score of 3.3 which is Low.

Exploiting Open Redirect