Detections
Analytics
Unvalidated DOM redirect
medium Web App Scanning Plugin ID 98103
Language:
Synopsis
Unvalidated DOM redirectDescription
Web applications occasionally use DOM input values to store the address of the page to which the client will be redirected -- for example: `yoursite.com/#/?redirect=www.yoursite.com/404.asp`An unvalidated redirect occurs when the client is able to modify the affected parameter value and thus control the location of the redirection. For example, the following URL `yoursite.com/#/?redirect=www.anothersite.com` will redirect to `www.anothersite.com`.
Cyber-criminals will abuse these vulnerabilities in social engineering attacks to get users to unknowingly visit malicious web sites.
Scanner has discovered that the web page does not validate the parameter value prior to redirecting the client to the injected value.
Solution
The application should ensure that the supplied value for a redirect is permitted. This can be achieved by performing whitelisting on the parameter value.The whitelist should contain a list of pages or sites that the application is permitted to redirect users to. If the supplied value does not match any value in the whitelist then the server should redirect to a standard error page.
Plugin Details
Severity: Medium
ID: 98103
Type: remote
Family: Web Applications
Published: 3/31/2017
Updated: 8/29/2023
Scan Template: full, pci, scan
Risk Information
VPR
Risk Factor: Low
Score: 2.2
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Score Source: Tenable
CVSS v3
Risk Factor: Medium
Base Score: 4.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
CVSS Score Source: Tenable
Reference Information
CWE: 601
OWASP: 2010-A10, 2013-A10, 2021-A1
WASC: URL Redirector Abuse
DISA STIG: APSC-DV-002560
HIPAA: 164.306(a)(1), 164.306(a)(2)
ISO: 27001-A.14.2.5
NIST: sp800_53-SI-10
OWASP API: 2019-API7, 2023-API8
OWASP ASVS: 4.0.2-5.1.5
PCI-DSS: 3.2-6.5.8