Security advisory for open redirect in Vodafone components

Open redirect is a security vulnerability (CWE-601: URL redirection to untrusted site), that can be abused by attackers to forward users to dangerous pages.A web application receives a query parameter with a location, which is normally some kind of internal resource or URL, and sends a HTTP response with status code 301 or 302 with […]
Sebastian Schwegler
Sebastian Schwegler
comment icon 1 21.01.2021