| Details | |
|---|---|
| Alert ID | 200023-2 |
| Alert Type | Tool |
| Status | alpha |
| Risk | Medium |
| CWE | 601 |
| WASC | |
| Technologies Targeted | All |
| Tags | CWE-601 OWASP_2021_A01 OWASP_2025_A01 TOOL_PTK |
Summary
Tests for open redirect by setting redirect-like request parameters to an external, benign domain and checking whether the application redirects the client there.
Generated by OWASP PTK DAST Module
Solution
Validate and constrain any redirect targets so that users cannot be bounced to arbitrary external domains.
- Use an allow list of valid redirect destinations, or of identifiers that the server maps to internal URLs.
- Reject absolute URLs that point to untrusted origins and prefer relative paths when possible. A leading slash on its own is not proof of a relative path: browsers treat `//host`, `/\host` and `///host` as absolute URLs, and strip tab and newline characters before parsing, so normalise and reject these forms rather than only checking for an `http` prefix.
- Do not trust parameters such as next, url or redirect without strict validation.
Other Info
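As an added illustration, not part of this alert or of the OWASP PTK code base, the function below applies the rules above to an untrusted parameter such as `next`. The `ALLOWED_DESTINATIONS` mapping, the `OWN_HOSTS` set and the route paths are assumptions chosen for the example; a real application substitutes its own routes and hostnames. It accepts an allow-listed identifier, a plain relative path, or an https URL to one of the application's own hosts, and falls back to a default for everything else, including protocol-relative, backslash and control-character variants that browsers would resolve to another origin.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Hypothetical allow list: opaque identifiers a client may send, mapped
# server-side to internal paths (assumed routes for this example).
ALLOWED_DESTINATIONS = {
    "dashboard": "/dashboard",
    "settings": "/account/settings",
}

# Hypothetical hostnames of this application. Absolute URLs are accepted
# only when they use https and point at one of these hosts.
OWN_HOSTS = {"app.example"}

# ASCII control characters and whitespace; browsers strip or tolerate some
# of these inside URLs, so refuse them outright instead of guessing.
_FORBIDDEN = re.compile(r"[\x00-\x20\x7f]")


def safe_redirect_target(value, default="/"):
    """Derive a redirect target from an untrusted parameter (next, url,
    redirect, ...). Returns `default` whenever the value is not acceptable."""
    if not value:
        return default

    # 1. Preferred form: an identifier that maps to an internal path.
    if value in ALLOWED_DESTINATIONS:
        return ALLOWED_DESTINATIONS[value]

    if _FORBIDDEN.search(value):
        return default

    # Browsers treat a backslash like a slash in http(s) URLs, so normalise
    # before parsing; "/\evil.example" then becomes "//evil.example".
    value = value.replace("\\", "/")

    try:
        parts = urlsplit(value)
    except ValueError:  # e.g. malformed IPv6 literal
        return default

    # 2. Absolute or protocol-relative URL: https to one of our hosts only.
    #    `hostname` is lowercased and excludes any user@ prefix, so
    #    "https://app.example@evil.example" resolves to evil.example here.
    if parts.scheme or parts.netloc:
        if parts.scheme != "https" or parts.hostname not in OWN_HOSTS:
            return default
        return urlunsplit(
            ("https", parts.hostname, parts.path or "/", parts.query, parts.fragment)
        )

    # 3. Relative path: exactly one leading slash. "//host" is protocol-relative
    #    and browsers also collapse "///host" to an authority, so reject both.
    if not value.startswith("/") or value.startswith("//"):
        return default

    return urlunsplit(("", "", parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    # Constructed sample inputs a scanner such as PTK might send or a user
    # might tamper with; each prints the target the server would use.
    for candidate in (
        "/account/settings",
        "dashboard",
        "https://app.example/reports",
        "https://evil.example/",
        "//evil.example/x",
        "/\\evil.example",
        "javascript:alert(1)",
    ):
        print(repr(candidate), "->", safe_redirect_target(candidate))
```

Because the rejected forms collapse to `default` rather than raising, the caller can pass the result straight to its redirect response; the stricter identifier form is the one to prefer for new code, since it never exposes a URL-shaped parameter at all.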
References
- https://owasp.org/Top10/2025/A01_2025-Broken_Access_Control/
- https://cwe.mitre.org/data/definitions/601.html