Web Server Generic 3xx Redirect
Medium Nessus Plugin ID 33927
Synopsis
The remote web server allows redirects to arbitrary domains.
Description
The remote web server is configured to redirect users using an HTTP 302, 303 or 307 response. However, the server can redirect to a domain that includes components taken from the original request.
A remote attacker could exploit this by crafting a URL that appears to resolve to the remote server but redirects to a malicious location.
Solution
Contact the web server vendor for a fix.
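A way to check recorded request/response pairs for the condition described above, as an added example that is not the plugin's own logic: it flags a 302, 303 or 307 response whose Location host differs from the requested host and appears in the request path or query. The function names and the sample hostnames are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl, unquote

REDIRECT_CODES = {302, 303, 307}  # status codes named in the description

def request_derived_redirect(request_url, status, location):
    """Return the request component that supplied the redirect's host,
    or None when the redirect stays on-host or is not request-derived."""
    if status not in REDIRECT_CODES or not location:
        return None
    req, loc = urlsplit(request_url), urlsplit(location)
    target = loc.hostname  # None for a relative Location; lowercased otherwise
    if not target or target == req.hostname:
        return None
    # Components of the request a server might copy into Location:
    # decoded path segments and decoded query values.
    tokens = [unquote(s) for s in req.path.split("/") if s]
    tokens += [value for _, value in parse_qsl(req.query)]
    for token in tokens:
        low = token.lower()
        if target in low or ("." in low and low in target):
            return token
    return None

# Constructed (request URL, status, Location) samples; hostnames are reserved example names.
SAMPLES = [
    ("http://www.example.com/login?next=http://other.example.org/home", 302, "http://other.example.org/home"),
    ("http://www.example.com/go/other.example.org", 307, "//other.example.org/"),
    ("http://www.example.com/docs", 302, "/docs/"),
    ("http://www.example.com/old", 303, "https://www.example.com/old"),
    ("http://www.example.com/out", 302, "http://cdn.example.net/"),
]

def flagged(samples=SAMPLES):
    """Return (request_url, component) for every sample that needs review."""
    hits = []
    for url, status, location in samples:
        component = request_derived_redirect(url, status, location)
        if component is not None:
            hits.append((url, component))
    return hits

if __name__ == "__main__":
    for url, component in flagged():
        print(f"review: {url} (host came from {component!r})")
```

A fixed off-host redirect such as the last sample is not flagged, because its target does not come from the request.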